I have got past a few problems with installation, and have finally got
to the login page, but continually come up with a login failure. I
have tested my LDAP connection and credentials using an LDAP browser
and they work fine, but I am no expert here.
I have tried a few options by stopping Tomcat, changing the "## LDAP
Server 1 Connection" section of esoe.config and restarting. Is this
going to pick up my changes? The current details are:
I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
without "CN=Users". The default for "identifier-1" in this section is
"uid", but the LDAP browser shows no such property. I have tried
replacing it with "sAMAccountName", which the LDAP browser shows as
being the account name, but it doesn't work.
During installation I did the following that was slightly different
from the instructions:
- Edited generate_db-mysql to comment out the constraints as they
caused problems with MySQL.
- Ignored the installation step of "Extract spep-shared.tar.gz to your
$TOMCAT/shared/lib directory of the tomcat instance which will run
esoemanager" as the file did not exist.
- I was confused by "Your database itself is already configured,
undertake the following for your environment." as no database had been
created, and the in the next step it was to be used. In MySql I
manually created the esoe database, after setting the engine to InnoDB
(to fix something).
I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
"current" build of OSOE (which I assume is 0.5.2 or thereabouts).
If anybody can help with the Active Directory integration I would be
very grateful.
> I have got past a few problems with installation, and have finally got > to the login page, but continually come up with a login failure. I > have tested my LDAP connection and credentials using an LDAP browser > and they work fine, but I am no expert here.
> I have tried a few options by stopping Tomcat, changing the "## LDAP > Server 1 Connection" section of esoe.config and restarting. Is this > going to pick up my changes? The current details are:
> ldapURL-1=ldap://smstsdc01
This needs to be the server DNS entry does 'nslookup smstsdc01' resolve in DNS for you?. If not you'll need something like smstsdc01.company.com
This needs to be a DN so something like sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly for your environment.
> adminPassword-1=neveryoumind
> I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/ > without "CN=Users". The default for "identifier-1" in this section is > "uid", but the LDAP browser shows no such property. I have tried > replacing it with "sAMAccountName", which the LDAP browser shows as > being the account name, but it doesn't work.
sAMAccountName for AD is the best option, you can add the cn=users to baseDN if you like but get it working without this first would be my recommendation.
> During installation I did the following that was slightly different > from the instructions: > - Edited generate_db-mysql to comment out the constraints as they > caused problems with MySQL. > - Ignored the installation step of "Extract spep-shared.tar.gz to your > $TOMCAT/shared/lib directory of the tomcat instance which will run > esoemanager" as the file did not exist. > - I was confused by "Your database itself is already configured, > undertake the following for your environment." as no database had been > created, and the in the next step it was to be used. In MySql I > manually created the esoe database, after setting the engine to InnoDB > (to fix something).
> I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the > "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
From memory that is the latest binary build versioning, things have progressed significantly in SVN head however.
> If anybody can help with the Active Directory integration I would be > very grateful.
Thanks for your quick reply (I went off for a coffee). Yes, nslookup
does resolve correctly, as shown below. I have updated adminUser-1 to
"tsadmin,dc=tsdev,dc=inside" or "tsadmin,cn=users,dc=tsdev,dc=inside"
without luck.
I also noticed the following in esoe-authn.log - is the lack of
something at the end a concern?
2009-02-06 09:23:05,765 ERROR esoe.authn - Failed to authenticate
principal tsadmin to underlying authentication mechanism identified by
external ESOE ID of:
Results of nslookup:
C:\Documents and Settings\mblight>nslookup smstsdc01
Server: smstsdc01.tsdev.inside
Address: 192.168.20.1
> > I have got past a few problems with installation, and have finally got
> > to the login page, but continually come up with a login failure. I
> > have tested my LDAP connection and credentials using an LDAP browser
> > and they work fine, but I am no expert here.
> > I have tried a few options by stopping Tomcat, changing the "## LDAP
> > Server 1 Connection" section of esoe.config and restarting. Is this
> > going to pick up my changes? The current details are:
> > ldapURL-1=ldap://smstsdc01
> This needs to be the server DNS entry does 'nslookup smstsdc01' resolve
> in DNS for you?. If not you'll need something like smstsdc01.company.com
> This needs to be a DN so something like
> sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly
> for your environment.
> > adminPassword-1=neveryoumind
> > I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
> > without "CN=Users". The default for "identifier-1" in this section is
> > "uid", but the LDAP browser shows no such property. I have tried
> > replacing it with "sAMAccountName", which the LDAP browser shows as
> > being the account name, but it doesn't work.
> sAMAccountName for AD is the best option, you can add the cn=users to
> baseDN if you like but get it working without this first would be my
> recommendation.
> > During installation I did the following that was slightly different
> > from the instructions:
> > - Edited generate_db-mysql to comment out the constraints as they
> > caused problems with MySQL.
> > - Ignored the installation step of "Extract spep-shared.tar.gz to your
> > $TOMCAT/shared/lib directory of the tomcat instance which will run
> > esoemanager" as the file did not exist.
> > - I was confused by "Your database itself is already configured,
> > undertake the following for your environment." as no database had been
> > created, and the in the next step it was to be used. In MySql I
> > manually created the esoe database, after setting the engine to InnoDB
> > (to fix something).
> > I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
> > "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
> From memory that is the latest binary build versioning, things have
> progressed significantly in SVN head however.
> > If anybody can help with the Active Directory integration I would be
> > very grateful.
> Thanks for your quick reply (I went off for a coffee). Yes, nslookup
> does resolve correctly, as shown below. I have updated adminUser-1 to
> "tsadmin,dc=tsdev,dc=inside" or "tsadmin,cn=users,dc=tsdev,dc=inside"
> without luck.
> I also noticed the following in esoe-authn.log - is the lack of
> something at the end a concern?
> 2009-02-06 09:23:05,765 ERROR esoe.authn - Failed to authenticate
> principal tsadmin to underlying authentication mechanism identified by
> external ESOE ID of:
> On Feb 6, 10:19 am, Bradley Beddoes <bedd...@intient.com> wrote:
>> Hi Michael,
>> Michael wrote:
>>> Hi All,
>>> I have got past a few problems with installation, and have finally
>>> got
>>> to the login page, but continually come up with a login failure. I
>>> have tested my LDAP connection and credentials using an LDAP browser
>>> and they work fine, but I am no expert here.
>>> I have tried a few options by stopping Tomcat, changing the "## LDAP
>>> Server 1 Connection" section of esoe.config and restarting. Is this
>>> going to pick up my changes? The current details are:
>>> ldapURL-1=ldap://smstsdc01
>> This needs to be the server DNS entry does 'nslookup smstsdc01'
>> resolve
>> in DNS for you?. If not you'll need something like
>> smstsdc01.company.com
>> This needs to be a DN so something like
>> sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly
>> for your environment.
>>> adminPassword-1=neveryoumind
>>> I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
>>> without "CN=Users". The default for "identifier-1" in this
>>> section is
>>> "uid", but the LDAP browser shows no such property. I have tried
>>> replacing it with "sAMAccountName", which the LDAP browser shows as
>>> being the account name, but it doesn't work.
>> sAMAccountName for AD is the best option, you can add the cn=users to
>> baseDN if you like but get it working without this first would be my
>> recommendation.
>>> During installation I did the following that was slightly different
>>> from the instructions:
>>> - Edited generate_db-mysql to comment out the constraints as they
>>> caused problems with MySQL.
>>> - Ignored the installation step of "Extract spep-shared.tar.gz to
>>> your
>>> $TOMCAT/shared/lib directory of the tomcat instance which will run
>>> esoemanager" as the file did not exist.
>>> - I was confused by "Your database itself is already configured,
>>> undertake the following for your environment." as no database had
>>> been
>>> created, and the in the next step it was to be used. In MySql I
>>> manually created the esoe database, after setting the engine to
>>> InnoDB
>>> (to fix something).
>>> I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
>>> "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
>> From memory that is the latest binary build versioning, things have
>> progressed significantly in SVN head however.
>>> If anybody can help with the Active Directory integration I would be
>>> very grateful.
>> Hopefully the above is of assistance.
>> --
>> Bradley Beddoes
>> Lead Software Architect
I am getting closer! I put in "adminUser-1=cn=TS
Admin,cn=users,dc=tsdev,dc=inside" and it seems to be progressing, but
it redirects to "http://smstsapp04:8080/signin" which produces a 404.
On Feb 6, 11:21 am, Bradley Beddoes <bedd...@intient.com> wrote:
> On 06/02/2009, at 10:09, Michael <MichaelBli...@hotmail.com> wrote:
> > Hello Bradley,
> > Thanks for your quick reply (I went off for a coffee). Yes, nslookup
> > does resolve correctly, as shown below. I have updated adminUser-1 to
> > "tsadmin,dc=tsdev,dc=inside" or "tsadmin,cn=users,dc=tsdev,dc=inside"
> > without luck.
> > I also noticed the following in esoe-authn.log - is the lack of
> > something at the end a concern?
> > 2009-02-06 09:23:05,765 ERROR esoe.authn - Failed to authenticate
> > principal tsadmin to underlying authentication mechanism identified by
> > external ESOE ID of:
> > On Feb 6, 10:19 am, Bradley Beddoes <bedd...@intient.com> wrote:
> >> Hi Michael,
> >> Michael wrote:
> >>> Hi All,
> >>> I have got past a few problems with installation, and have finally
> >>> got
> >>> to the login page, but continually come up with a login failure. I
> >>> have tested my LDAP connection and credentials using an LDAP browser
> >>> and they work fine, but I am no expert here.
> >>> I have tried a few options by stopping Tomcat, changing the "## LDAP
> >>> Server 1 Connection" section of esoe.config and restarting. Is this
> >>> going to pick up my changes? The current details are:
> >>> ldapURL-1=ldap://smstsdc01
> >> This needs to be the server DNS entry does 'nslookup smstsdc01'
> >> resolve
> >> in DNS for you?. If not you'll need something like
> >> smstsdc01.company.com
> >> This needs to be a DN so something like
> >> sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly
> >> for your environment.
> >>> adminPassword-1=neveryoumind
> >>> I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
> >>> without "CN=Users". The default for "identifier-1" in this
> >>> section is
> >>> "uid", but the LDAP browser shows no such property. I have tried
> >>> replacing it with "sAMAccountName", which the LDAP browser shows as
> >>> being the account name, but it doesn't work.
> >> sAMAccountName for AD is the best option, you can add the cn=users to
> >> baseDN if you like but get it working without this first would be my
> >> recommendation.
> >>> During installation I did the following that was slightly different
> >>> from the instructions:
> >>> - Edited generate_db-mysql to comment out the constraints as they
> >>> caused problems with MySQL.
> >>> - Ignored the installation step of "Extract spep-shared.tar.gz to
> >>> your
> >>> $TOMCAT/shared/lib directory of the tomcat instance which will run
> >>> esoemanager" as the file did not exist.
> >>> - I was confused by "Your database itself is already configured,
> >>> undertake the following for your environment." as no database had
> >>> been
> >>> created, and the in the next step it was to be used. In MySql I
> >>> manually created the esoe database, after setting the engine to
> >>> InnoDB
> >>> (to fix something).
> >>> I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
> >>> "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
> >> From memory that is the latest binary build versioning, things have
> >> progressed significantly in SVN head however.
> >>> If anybody can help with the Active Directory integration I would be
> >>> very grateful.
See above, but also, I remembered something else I did differently to
the guide - when I copied ROOT.war into Tomcat, it would not deploy.
So I stopped Tomcat, moved the existing ROOT folder out, restarted and
then copied it in. Then it deployed okay, but now I can't go to the
usual Tomcat admin page.
On Feb 6, 2:52 pm, Michael <MichaelBli...@hotmail.com> wrote:
> I am getting closer! I put in "adminUser-1=cn=TS
> Admin,cn=users,dc=tsdev,dc=inside" and it seems to be progressing, but
> it redirects to "http://smstsapp04:8080/signin" which produces a 404.
> On Feb 6, 11:21 am, Bradley Beddoes <bedd...@intient.com> wrote:
> > Hi
> > You're still missing the uid= or sAMAccountName= on the dn for you're
> > admin user based on the confit you've just provided
> > On 06/02/2009, at 10:09, Michael <MichaelBli...@hotmail.com> wrote:
> > > Hello Bradley,
> > > Thanks for your quick reply (I went off for a coffee). Yes, nslookup
> > > does resolve correctly, as shown below. I have updated adminUser-1 to
> > > "tsadmin,dc=tsdev,dc=inside" or "tsadmin,cn=users,dc=tsdev,dc=inside"
> > > without luck.
> > > I also noticed the following in esoe-authn.log - is the lack of
> > > something at the end a concern?
> > > 2009-02-06 09:23:05,765 ERROR esoe.authn - Failed to authenticate
> > > principal tsadmin to underlying authentication mechanism identified by
> > > external ESOE ID of:
> > > On Feb 6, 10:19 am, Bradley Beddoes <bedd...@intient.com> wrote:
> > >> Hi Michael,
> > >> Michael wrote:
> > >>> Hi All,
> > >>> I have got past a few problems with installation, and have finally
> > >>> got
> > >>> to the login page, but continually come up with a login failure. I
> > >>> have tested my LDAP connection and credentials using an LDAP browser
> > >>> and they work fine, but I am no expert here.
> > >>> I have tried a few options by stopping Tomcat, changing the "## LDAP
> > >>> Server 1 Connection" section of esoe.config and restarting. Is this
> > >>> going to pick up my changes? The current details are:
> > >>> ldapURL-1=ldap://smstsdc01
> > >> This needs to be the server DNS entry does 'nslookup smstsdc01'
> > >> resolve
> > >> in DNS for you?. If not you'll need something like
> > >> smstsdc01.company.com
> > >> This needs to be a DN so something like
> > >> sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly
> > >> for your environment.
> > >>> adminPassword-1=neveryoumind
> > >>> I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
> > >>> without "CN=Users". The default for "identifier-1" in this
> > >>> section is
> > >>> "uid", but the LDAP browser shows no such property. I have tried
> > >>> replacing it with "sAMAccountName", which the LDAP browser shows as
> > >>> being the account name, but it doesn't work.
> > >> sAMAccountName for AD is the best option, you can add the cn=users to
> > >> baseDN if you like but get it working without this first would be my
> > >> recommendation.
> > >>> During installation I did the following that was slightly different
> > >>> from the instructions:
> > >>> - Edited generate_db-mysql to comment out the constraints as they
> > >>> caused problems with MySQL.
> > >>> - Ignored the installation step of "Extract spep-shared.tar.gz to
> > >>> your
> > >>> $TOMCAT/shared/lib directory of the tomcat instance which will run
> > >>> esoemanager" as the file did not exist.
> > >>> - I was confused by "Your database itself is already configured,
> > >>> undertake the following for your environment." as no database had
> > >>> been
> > >>> created, and the in the next step it was to be used. In MySql I
> > >>> manually created the esoe database, after setting the engine to
> > >>> InnoDB
> > >>> (to fix something).
> > >>> I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
> > >>> "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
> > >> From memory that is the latest binary build versioning, things have
> > >> progressed significantly in SVN head however.
> > >>> If anybody can help with the Active Directory integration I would be
> > >>> very grateful.
Michael,
Not being able to see the server I am not really sure what additional suggestions I can make here. The 404 leads me to think that perhaps you've not deployed the web.war file to your tomcat container.
/signin is published by the ROOT.war file so perhaps this is having an issue deploying however from your previous emails this seems to not be the case.
If you'd like to get some more formal support please feel free to contact me off list (bedd...@intient.com) and we can discuss options.
regards,
Bradley
-- Bradley Beddoes
Lead Software Architect
Michael wrote:
> See above, but also, I remembered something else I did differently to
> the guide - when I copied ROOT.war into Tomcat, it would not deploy.
> So I stopped Tomcat, moved the existing ROOT folder out, restarted and
> then copied it in. Then it deployed okay, but now I can't go to the
> usual Tomcat admin page.
> On Feb 6, 2:52 pm, Michael <MichaelBli...@hotmail.com> wrote:
>> I am getting closer! I put in "adminUser-1=cn=TS
>> Admin,cn=users,dc=tsdev,dc=inside" and it seems to be progressing, but
>> it redirects to "http://smstsapp04:8080/signin" which produces a 404.
>> On Feb 6, 11:21 am, Bradley Beddoes <bedd...@intient.com> wrote:
>>> Hi
>>> You're still missing the uid= or sAMAccountName= on the dn for you're
>>> admin user based on the confit you've just provided
>>> regards,
>>> Bradley Beddoes
>>> Lead Software Architect
>>> Intient Pty Ltd
>>> http://www.intient.com >>> On 06/02/2009, at 10:09, Michael <MichaelBli...@hotmail.com> wrote:
>>>> Hello Bradley,
>>>> Thanks for your quick reply (I went off for a coffee). Yes, nslookup
>>>> does resolve correctly, as shown below. I have updated adminUser-1 to
>>>> "tsadmin,dc=tsdev,dc=inside" or "tsadmin,cn=users,dc=tsdev,dc=inside"
>>>> without luck.
>>>> I also noticed the following in esoe-authn.log - is the lack of
>>>> something at the end a concern?
>>>> 2009-02-06 09:23:05,765 ERROR esoe.authn - Failed to authenticate
>>>> principal tsadmin to underlying authentication mechanism identified by
>>>> external ESOE ID of:
>>>> Results of nslookup:
>>>> C:\Documents and Settings\mblight>nslookup smstsdc01
>>>> Server: smstsdc01.tsdev.inside
>>>> Address: 192.168.20.1
>>>> Name: smstsdc01.TSDEV.Inside
>>>> Address: 192.168.20.1
>>>> On Feb 6, 10:19 am, Bradley Beddoes <bedd...@intient.com> wrote:
>>>>> Hi Michael,
>>>>> Michael wrote:
>>>>>> Hi All,
>>>>>> I have got past a few problems with installation, and have finally
>>>>>> got
>>>>>> to the login page, but continually come up with a login failure. I
>>>>>> have tested my LDAP connection and credentials using an LDAP browser
>>>>>> and they work fine, but I am no expert here.
>>>>>> I have tried a few options by stopping Tomcat, changing the "## LDAP
>>>>>> Server 1 Connection" section of esoe.config and restarting. Is this
>>>>>> going to pick up my changes? The current details are:
>>>>>> ldapURL-1=ldap://smstsdc01
>>>>> This needs to be the server DNS entry does 'nslookup smstsdc01'
>>>>> resolve
>>>>> in DNS for you?. If not you'll need something like
>>>>> smstsdc01.company.com
>>>>>> ldapServer-1=smstsdc01
>>>>>> ldapServerPort-1=389
>>>>>> baseDN-1=DC=TSDEV,DC=Inside
>>>>>> identifier-1=sAMAccountName
>>>>>> recursive-1=true
>>>>>> disableSSL-1=true
>>>>>> adminUser-1=tsdev\tsadmin
>>>>> This needs to be a DN so something like
>>>>> sAMAccountName=tsadmin,dc=tsdev,dc=inside - please adjust accordingly
>>>>> for your environment.
>>>>>> adminPassword-1=neveryoumind
>>>>>> I have tried the "ldapURL-1" with/without port, and "baseDN-1" with/
>>>>>> without "CN=Users". The default for "identifier-1" in this
>>>>>> section is
>>>>>> "uid", but the LDAP browser shows no such property. I have tried
>>>>>> replacing it with "sAMAccountName", which the LDAP browser shows as
>>>>>> being the account name, but it doesn't work.
>>>>> sAMAccountName for AD is the best option, you can add the cn=users to
>>>>> baseDN if you like but get it working without this first would be my
>>>>> recommendation.
>>>>>> During installation I did the following that was slightly different
>>>>>> from the instructions:
>>>>>> - Edited generate_db-mysql to comment out the constraints as they
>>>>>> caused problems with MySQL.
>>>>>> - Ignored the installation step of "Extract spep-shared.tar.gz to
>>>>>> your
>>>>>> $TOMCAT/shared/lib directory of the tomcat instance which will run
>>>>>> esoemanager" as the file did not exist.
>>>>>> - I was confused by "Your database itself is already configured,
>>>>>> undertake the following for your environment." as no database had
>>>>>> been
>>>>>> created, and the in the next step it was to be used. In MySql I
>>>>>> manually created the esoe database, after setting the engine to
>>>>>> InnoDB
>>>>>> (to fix something).
>>>>>> I am using Windows 2003, Tomcat 5.5, MySql 5.1.30, JRE 6, and the
>>>>>> "current" build of OSOE (which I assume is 0.5.2 or thereabouts).
>>>>> From memory that is the latest binary build versioning, things have
>>>>> progressed significantly in SVN head however.
>>>>>> If anybody can help with the Active Directory integration I would be
>>>>>> very grateful.
>>>>> Hopefully the above is of assistance.
>>>>> --
>>>>> Bradley Beddoes
>>>>> Lead Software Architect
>>>>> Intienthttp://www.intient.com >>>>> Telephone
>>>>> Australia: (07) 3102 4560
>>>>> United States: (424) 785-0434- Hide quoted text -
>>>>> - Show quoted text -- Hide quoted text -
>>> - Show quoted text -- Hide quoted text -
>> - Show quoted text -
|
