[[Mathias Chauvin]] - IT stuff

Hello,

Thankyou for the article and the help comments. I have got the following info from an apache server. I have change the domain, group and company names. I do not know how to map this info to the tomcat configuration.
AuthLdapUrl ldap://ldap02.domain.com:389/o=company,c=com?uid?sub?(objectClass=*)

Require ldap-group cn=thegroup,o=company,c=com

Hallo,
what do uid={0} and memberUid={1} mean? I a mean the numbers between curly brackets. Great tutorial.
James

@David,

The entry userPattern="uid={0},ou=people,dc=domain,dc=com" should match your LDAP server.
In my case, users are stored in LDAP (I'm running Sun Directory Server here - but I could have been OpenLDAP or any other one) following this schema:
The user name is known by the uid.
Users entries are stored in the "people" ou, for the "domain.com" domain.

uid, ou, dc, cn, ... are quite standard, but the LDAP schema may vary depending on the LDAP server you're using...

Well, that's a really short answer to your long question, but anyone who wants to add more is welcome! ;-)

Hallo again,
Do I need to change the pairs ou=people, dc=domain, uid=(0) to the equivalentes in my LDAP server. I mean both sides (Strings) of the comparison? Or maybe just the right side value of the comparison? Are the keywords uid, ou, dc, cn, memberUid standard keywords for all posible configurations? And by configurations also mean not only in Tomcat, but also Spring Security, etc. I know this is an exhaustive question, I am having problems finding documntation. Thank you for the tutorial.

Fantastic tip, thanks! As for your comment @Danny: I think the cause of the problem is the backup being prematurely stopped. My system backs up one an hour, and if while it is backing up, I close my laptop, it seems to make the next backup have this problem. I presume that the backup volume thinks it's still connected and so when the backup tries to get access, it tells it it is already in use.

Hello, nice tutorial. In order to understand LDAP, It would be great if you could highlight in bold the generic parameters in the "Realm" definition that need to be matched from the real ldap server.
Thank you.
Newie

Thank you for this guide. The instructions proved invaluable!

For those following along, in the following command, "pass" should be "ktpass" and "HOST" should be "sol10svr":

pass -princ HOST/sol10svr@NULLDOM.COM -mapuser sol10svr@NULLDOM.com -pass TheUnknownP@sswd -out sol10svr.keytab

Obviously, make the necessary changes per your configuration.

Nice post, thanks!

Worked like a charm!

or you can set bootmode_script=boot -h
(boot in halted mode)

good code thanks

Hey Sebastian,
Actually, I've just realized that this has been almost 3 years that "the beginning (of this post) is to be written".
That should be considered as a FAIL ;-)
To make it really short, a Jumpstart server is no more than a bootp/dhcp/tftp/nfs server. If you get a look on the web to "how to create a persistent Ubuntu on USB stick", you'll find how to create such a USB bootable stick. When building it, customize it so that it has a fix IP address, and runs bootp, dhcpd, tftp and nfs servers.

try this:
http://sourceforge.net/projects/oobash/
especially if you use german umlauts

thank you!

Hey Mathias, how's this related to building a USB bootable Solaris Jumpstart server? That's what the title would have suggested to me .. (just came along via Google looking for docs on building such a thing).

Sebastian

Valuable information

you saved my life man thanks!

Hi, I am also facing the same issue right now. I've been trying to get my Tomcat and LDAP server to talk for a few days now, but just keep running into problems. Please try to help it out to start! I've managed to get the index.jsp page to show, and I believe it is hitting the LDAP server okay - if you use an invalid password it spits you to error.jsp like it should - but when you hit "okay" with a valid password it gives a 403 error. Do you have any idea what might be the cause for this? As far as I know I simply followed your instructions to the letter. I hope you are still around, and can help me!

More thanks... you saved me too!

Worked perfectly!! Thanks a lot!!!