MWS and LDAP

Before MWS we used LDAP in Integration Server to authenticate via Microsoft Active Directory. Since upgrading to MWS and Central User Management we cannot get LDAP working. There are no error messages but every time we configure the directory service and go back in to check it shows as disabled. If someone could look over our settings and provide assistance we would appreciate it. We used Apache Directory Studio to retrieve the values (not sure if they are case sensitive).

below are connection details
GENERAL -
*Directory Service Name: myldap
Description:
Keywords:

CACHE -
*Cache Capacity: 1000
*Cache Timeout: 1 hour

CONNECTION INFORMATION -
Service Enabled: Yes. This service is enabled
*Error Threshold: 10
*Provider URL: ldap://:389
*Base DN: DC=iat,DC=ourdomain,DC=com
Groups DN:
User DN:
*Security Principal: CN=wmservice,CN=Users,DC=iat,DC=ourdomain,DC=com
*Security Credentials:
*Enable Default Wildcard Searches: Yes. Enable default wildcard searches

GLOBAL ATTRIBUTES -
Object class: User
Last Modified: modifyTimeStamp

USER ATTRIBUTES -
*User Object Class: user
*User ID: sAMAccountName
*Last Name: sn
*First Name: givenName
*Full Name: cn
*E-mail Address: mail
*Password: userPassword

Group Attributes:
*Group Object Class: group
*Group ID: sAMAccountName
*Group Name: cn
*Group Members: member
*Group E-mail: mail

CONNECTION POOL -
Minimum Connections: 1
Maximum Connections: 10
Maximum Connection Time: 10 minutes

DISPLAY -
Full Page View: Default
Portlet View: Default

BTW, we also created a new role under System Wide -> User Management -> Roles called LDAP User. Our test user in AD is named wmldap so we used a Simple Query (cn=wmldap) and added the role to the Administrators ACL for test purposes. I dont believe we are getting this far because the service is not enabled and does not show up as a provider during advanced group queries, etc.

If you log on MWS as sysadmin, you can browse to logging page.

On the logging page you can increase directory service threshold to debug, this will give you proper logs to understand what’s wrong when enabling AD.

If you don’t want to play with logging page, you can allways start MWS from command line as:
mws.bat -d -s default start

This will start MWS with all logging levels set to debug, and from here get pointers to understand the error.

Without getting the error you are blind. Hope you can get the error and resolve it :smiley:

Hi All,

please look the my post replies of LDAP connection in MWS

http://wmusers.com/forum/showthread.php?t=18844

OR

http://tech.forums.softwareag.com/viewtopic.php?t=22347&highlight=&sid=00f323dcb164a6d14cbe3e62687d7aa2

afphinfan i have prepared the LDAP Connection word document with screen shots which has MWS, IS and Apache Microsoft directory Screenshots, here i can’t attache the document with my reply becz it is 2MB file size, it is exceeding the attachement file size give me ur mail id i will send the document which i prepared.

regards,
anil kumar ellendula