1

We recently started with Scrum at our company and we wanted to start using Kunagi to test and see how it works.

So I installed the kunagi_0.23.2.deb package that I downloaded from their website, on my Ubuntu 11.04 running in tomcat6 using openjdk-6-jre.

Everything works fine except I can't get the LDAP to work. I have one AD server and one LDAP at my disposal for testing. For the LDAP I use the following info:

  • uri: ldap://192.168.1.11:389
  • user: some_tested_user
  • passwd: the_pass
  • DN: dc=colosa,dc=net
  • LDAP Filter: (&(objectClass=user))

I tested various LDAP Filters, I don't know if I have the right one. However I get an error when clicking "test LDAP". The error refers to the DN:

Server service call error
Calling service TestLdap failed.
java.lang.RuntimeException: InvalidNameException: [LDAP: error code 34 - invalid DN]

With the AD server I get no error while testing, yet I am not able to login I get: "Login failed" every time. I don't know if this is because of the LDAP Filter I entered, yet I can't get it to work.

I have read this page stating that I need to create my accounts inside Kunagi before I can login. So I did this with no effect.

So basically my question is, what causes this DN string error (I am sure mine is right), and what LDAP Filter should I use?

mgorven
  • 30,615
  • 7
  • 79
  • 122
Willem de Vries
  • 31
  • 1
  • 6

1 Answers1

1

Error code 34 is an indication that the server to which the LDAP client is connecting has determined that the distinguished name is not of the correct syntax. From the question, dc=colosa,dc=net appears to have the correct syntax for a distinguished name. Check that the configuration has that value (perhaps a typo?).

Also, if the user listed is a distinguished name (it could be for a base level search and the application considers a distinguished name in the user field to imply a base level search), verify that is a valid distinguished name.

Use the ldapsearch command line tool to verify that the parameters used by the configuration are correct. For more information on ldapsearch, see LDAP: Using ldapsearch. For example:

ldapsearch -xLLL -H ldap://192.168.1.11:389 \
 -D user -w password -b dc=colosa,dc=net -s sub \
 '(objectClass=user)' 1.1

The filter listed is a valid filter, though the simpler filter (objectClass=user) could be used.

Community
  • 1
Terry Gardner
  • 632
  • 5
  • 9
  • Thank you so much! I am most def on step further!! It turns out that the "dc=colosa,dc=net" needed to be "DC=colosa,DC=net":S It returns nothing yet, the filter is wrong (* returns a lot). I will try and look into this filter stuff a bit more. I am sorry that I can't vote this answer one up, my reputation is to low. I will try and gather some and give you a vote! – Willem de Vries Jul 05 '12 at 14:04