Liferay 7 integration with CAS using LDAP

I'm a newbie to Liferay 7, and I want to integrate Liferay 7 with a CAS server using LDAP.
My Liferay version is 7.0.2 GA3, the CAS server version is 3.5.2, and I'm using OpenDJ active directory.
I have installed Liferay on localhost:8080; the CAS server is on one of my server
machines over SSL, and LDAP is on the same server machine.
I have successfully integrated CAS with LDAP, that is, I am able to log in to the CAS server with LDAP users.
After this I configured CAS authentication in Liferay, that is, in Configuration->Instance Setting->Authentication, under the CAS tab.
When I try to log in, I'm getting the following URL:
http://localhost:8080/?ticket=ST-36-tP25deAgea9pUfwEcf6V-cas01.example.org
Although the ticket is being generated, I'm not able to access the admin panel.
Please help.
Thanks in advance

This happens because there is a handshake error, so when you configure your keystore you must be careful with the CN name, because you must use the domain name, not the IP. If you don't have DNS, you could configure a hosts file, for example /etc/hosts on CentOS.
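A way to check the name mismatch described in the answer above, as an added example that is not part of the original post: it compares the host in the CAS server URL configured in Liferay with the names in the CAS certificate, using the usual rule that an IP in the URL needs an IP SAN and the CN is only a fallback when no DNS SAN exists. The host names, addresses and the `SAMPLE_CERT` dict (shaped like Python's `getpeercert()` output) are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: a keystore certificate that carries only CN=cas.example.test.
SAMPLE_CERT = {"subject": ((("commonName", "cas.example.test"),),)}

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def dns_match(pattern, host):
    """Match one certificate DNS name; '*' may stand only for the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def cert_names(cert):
    """Split a getpeercert()-style dict into (DNS SANs, IP SANs, common names)."""
    san = cert.get("subjectAltName", ())
    dns = [v for k, v in san if k == "DNS"]
    ips = [v for k, v in san if k == "IP Address"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return dns, ips, cns

def check_cas_url(cas_url, cert):
    """Return the reasons the HTTPS ticket-validation call to cas_url would fail name checks."""
    host = urlsplit(cas_url).hostname or ""
    dns, ips, cns = cert_names(cert)
    if is_ip(host):
        if any(ipaddress.ip_address(host) == ipaddress.ip_address(i) for i in ips):
            return []
        return [f"URL uses IP {host} but the certificate has no matching IP SAN; "
                f"use the certificate's name instead: {dns or cns}"]
    candidates = dns if dns else cns  # CN counts only when no DNS SAN is present
    if any(dns_match(name, host) for name in candidates):
        return []
    return [f"host {host!r} does not match certificate names {candidates}"]

if __name__ == "__main__":
    for url in ("https://cas.example.test:8443/cas", "https://192.0.2.10:8443/cas"):
        print(url, "->", check_cas_url(url, SAMPLE_CERT) or "OK")
```
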

Related

Problem with configuring LDAP Authentication on a Nuxeo server

I'm currently trying to configure LDAP authentication on a Nuxeo server, and for me the documentation is not precise enough.
The Nuxeo server is on CentOS 7 on the local network.
I declared the Nuxeo server on the Windows Server 2019 Active Directory, which makes the bridge to the WAN.
For now, I have just registered the instance and installed nuxeo-web-ui and nuxeo-platform-getting-started.
I'm at this step of the documentation:
https://doc.nuxeo.com/nxdoc/using-a-ldap-directory/
I don't really understand how to map the default userDirectory to my LDAP server.
And where can I find the extension point userManager noted at this link?
https://explorer.nuxeo.com/nuxeo/site/distribution/Nuxeo%20Platform-2021/viewExtensionPoint/org.nuxeo.ecm.platform.usermanager.UserService--userManager
Thank you for your cooperation!

Registration with LDAP authentication on Rocketchat

I have a Rocketchat server on Docker and an OpenLDAP server on Ubuntu 16.04. When any user registers on my Rocketchat server, I want them to be added to the LDAP server automatically by default.
Is this possible?

You would probably find it easier the other way: register the user in LDAP and then sync LDAP with RocketChat.
This way you can use LDAP Sync to get your RocketChat users synced.

Kerberos Ticket From Apache to Tomcat (Windows)

I have a web application on a Windows Server 2012 R2.
The application is using Kerberos for SSO.
If I use only Tomcat, everything works fine.
But if I use an Apache in front of Tomcat, the ticket seems to be wrong.
Instead of the AD user, the server from the web application is logging in.
Is there any configuration in Apache to handle the Kerberos ticket correctly?
If you need any more information, just let me know.

How to authenticate windows client with Ldap server on Linux with share home directory

I want to configure an LDAP server on Linux (CentOS is most preferable), and I want to authenticate from my Windows client to that LDAP server (on Linux). I also want the home folder of the Windows user to be stored on the LDAP server (on Linux).
So how can I achieve this setup? Is it possible?

You will need more than an LDAP server, as Windows clients rely on more services than just LDAP.
Look at Samba servers on Linux.

Ldap Authentication for Windows Standalone Servers Using Novell eDirectory

I have a Novell eDirectory LDAP server in my environment, which holds the user data. In my environment I have a set of Windows and Linux servers. I need to use this LDAP as the authentication source for both sets of servers.
For Linux, I need to achieve this by setting up Linux as an LDAP client and extending the eDirectory schema for Linux users; users are able to log in to the machine and are even able to create the home directories for the user. But the problem comes with the Windows machines.
For Windows machines I have used Novell GINA, which authenticates the user using LDAP, but it also requires local or domain user credentials to log in to the local system. So for every user I have to create a local user on every system, which defeats the purpose.
Then I used pGina (another open source GINA), through which I can authenticate the user using LDAP, and it creates a profile for the user. Fine, but it also creates a local user with the LDAP username. If any admin changes the password on the local machine for this user, then the passwords of the LDAP user and the local user will not be in sync.
How can I get the login behaviour of Active Directory, where it authenticates against Active Directory (think of AD as LDAP) and creates a profile for you on the local system but never creates a local user? Can anybody throw some light on this to solve the issue?
Thanks and regards,
Sunny.

I guess you are using Open Enterprise Server. If you are on OES Linux, you can probably use Domain Services for Windows. This can help achieve what you want. You will not even need a GINA login. It's a domain emulator, so there won't be any LDAP login; it would be a Kerberos login. Your eDirectory (and other related services) works exactly like an AD domain. But nothing stops you from using the plain LDAP login against eDirectory. You can continue to use the Linux login as it is now. If you are using gdm (GNOME Display Manager) on Linux, it can do a domain login like Windows.