BOB: Business Objects Board
Not endorsed by or affiliated with SAP

Register | Login 

Want to sponsor BOB? 
Want to sponsor BOB? (Opens a new window)  

General Notice: Upcoming Events: PGHBOUG: Aug 23.

LDAP Configuration
1 members found this topic helpful
Goto page Previous  1, 2, 3, 4
 
Search this topic... | Search CMC... | Search Box
Register or Login to Post    Forum Index -> Security and User Administration -> CMC  Previous TopicPrint TopicNext Topic
Author Message
Ahsan
Forum Member
Forum Member



Joined: 01 Sep 2008

Posts: 13



PostPosted: Mon Sep 08, 2008 2:44 am 
Post subject: Re: LDAP Configuration

hi...

the error is solved...

mapped the group with only cn=dominogroupname

it automatically added secLDAP:cn=dominogroupname.
Back to top
juliaugong
Forum Member
Forum Member



Joined: 05 Nov 2008

Posts: 24



PostPosted: Fri Nov 21, 2008 4:59 am 
Post subject: Re: LDAP Configuration

if you are using Redhat Linux and openLDAP, a few modifications must be done.

1. modify the nis.schema

find and modified

objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL
DESC 'Abstraction of a group of accounts'
MUST ( cn $ gidNumber )
MAY ( userPassword $ memberUid $ description $ member ) )

then use the attachement "migrate_group1.pl" to generate group.ldif

and the BOE LDAP attributes like the attachment picture.

then you can use openLDAP correctly.
Back to top
amitbh_4u
Forum Member
Forum Member



Joined: 04 Jun 2007

Posts: 22


flag
PostPosted: Tue Nov 25, 2008 1:56 am 
Post subject: Re: LDAP Configuration

Hi Friends icon_smile.gif ,
I've successfully configured LDAP authentication for BOXIR2. Now my users are able to log into Desktop Intelligence, Designer. But they are not able to log into Infoview banghead.gif .
I want to know if anyone of you are receiving a similar error and if so what was the step taken to log into Infoview.

Following is the error message received while logging into Infoview:

"Account Information Not Recognized: LDAP Authentication could not log you on. Please make sure your logon information is correct. If your account is under any root other than DC=corporate,DC=com you must enter your dn. "

For your information my LDAP group is:
secLDAP:cn=sgdtreuat, ou=dls, ou=groups, dc=corporate, dc=com

Your solution to this problem would be highly appreciated. Thanks in advance.
Back to top
Ahsan
Forum Member
Forum Member



Joined: 01 Sep 2008

Posts: 13



PostPosted: Tue Nov 25, 2008 2:22 am 
Post subject: Re: LDAP Configuration

hi amitabh...

try entering only cn=sgdtreuat,ou=dls, ou=groups

or try only cn=sgdtreuat

make sure that the sgdtreuat is a group on ur directory server.
Back to top
amitbh_4u
Forum Member
Forum Member



Joined: 04 Jun 2007

Posts: 22


flag
PostPosted: Tue Nov 25, 2008 4:06 am 
Post subject: Re: LDAP Configuration

Hi Ahsan,
sgdtreuat is a group in the LDAP server. That is confirmed because, users are added and they are able to login to Deski, Designer. But they are only facing problem while logging to Infoview.
I deleted the existing LDAP member group entry and added the following as suggested by you. But its not getting updated. Getting the following error:
1) When I tried to add cn=sgdtreuat,ou=dls, ou=groups
Error updating LDAP properties: The secLdap plugin failed to get the dn for the group cn=sgdtreuat,ou=dls, ou=groups .

2) When I tried to add secLDAP:cn=sgdtreuat, ou=dls, ou=groups
Error updating LDAP properties: The secLdap plugin failed to get the dn for the group secLDAP:cn=sgdtreuat, ou=dls, ou=groups.

3) When I tried to add secLDAP:cn=sgdtreuat
Error updating LDAP properties: The secLdap plugin failed to get the dn for the group secLDAP:cn=sgdtreuat.

The LDAP server parameter is given as per the attached screenshot.


Last edited by amitbh_4u on Tue Nov 25, 2008 4:09 am, edited 1 time in total
Back to top
Ahsan
Forum Member
Forum Member



Joined: 01 Sep 2008

Posts: 13



PostPosted: Tue Nov 25, 2008 6:28 am 
Post subject: Re: LDAP Configuration

hii...we also got the same error... r u using anon login...which directory server are u using..is it a lotus domino server...dont use anon login..create a user on the server with full admin rights and add it using cn=username


dont add secLdap in the name...jus enter the group name...

this worked for us..
Back to top
amitbh_4u
Forum Member
Forum Member



Joined: 04 Jun 2007

Posts: 22


flag
PostPosted: Wed Nov 26, 2008 3:34 am 
Post subject: Re: LDAP Configuration

Hi !!
The LDAP server type which we are using is Microsoft Active Directory Application server. Well I'm not sure if Anonymous login could be the problem. Because had that been the case, users would not have been able to login to Desktop Intelligence & Designer. Also I confirmed and checked that users can login to CMC via LDAP authentication.
The only problem is while logging to Infoview. The users are not allowed via LDAP authentication.
Anybody, who else is facing a similar problem & have resolved, please help.
Back to top
Ahsan
Forum Member
Forum Member



Joined: 01 Sep 2008

Posts: 13



PostPosted: Wed Nov 26, 2008 4:29 am 
Post subject: Re: LDAP Configuration

try using cn=username, ou=ouname, o=oname

check the spaces after the comma.

hopefully this helps....
Back to top
data_guy
Forum Associate
Forum Associate



Joined: 19 Aug 2006
ASUG Icon
Posts: 723
Location: Somewhere EveryWhere!


flag
PostPosted: Tue Apr 07, 2009 2:49 pm 
Post subject: Re: LDAP Configuration

OK, its now our turn to dive into this LDAP..

I have gone through the forum, and didn't find any one who had done this with Red Hat Linux, but I pre-assume most of the process remains the same.

So we are on XI 3.0, on Red Hat Linux ES 4. Do we have to make any chances in some file of the OS.

My /etc/openldap/ldap.conf file contains the following line:

===========================================
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
=============================================

Here's my entries:

LDAP Hosts: boserver-dc.test.com:389
LDAP Server Type: Microsoft Active Directory Application Server
Base LDAP Distinguished Name: OU=test,DC=com
LDAP Server Administration Distinguished Name: CN=BO_Auth, CN=Users, DC=test, DC=com
LDAP Referral Distinguished Name:
Maximum Referral Hops: 0
SSL Type: None
SSO : None


At the end, it gives me Error:
"An internal error has occurred in the secLdap plugin"

And I can connect to LDAP Server with that LDAP browser, which somebody pointed out earlier. And I can see three user for group "BO_Auth"

Can any body help me with this?

Thanks,

_________________
@Data is Delicious

++++++++++++++++
Where you see risk,
I see opportunity!
Back to top
di652
Forum Enthusiast
Forum Enthusiast



Joined: 24 Feb 2005

Posts: 1175



PostPosted: Tue Jan 25, 2011 10:50 am 
Post subject: Re: LDAP Configuration

I am reading a number of conflicting posts and would like to address one main topic we have here.

Can BO work with OpenLdap ?

Has anyone done this combination before and what pitfalls or hurdles did you need to overcome.


thanks
Back to top
Display posts from previous:   
Register or Login to Post    Forum Index -> Security and User Administration -> CMC  Previous TopicPrint TopicNext Topic
Page 4 of 4 All times are GMT - 5 Hours
Goto page Previous  1, 2, 3, 4
 
Jump to:  

Index | About | FAQ | RAG | Privacy | Search |  Register |  Login 

Get community updates via Twitter:

Not endorsed by or affiliated with SAP
Powered by phpBB © phpBB Group
Generated in 0.0326 seconds using 17 queries. (SQL 0.0031 Parse 0.0010 Other 0.0285)
CCBot/2.0 (http://commoncrawl.org/faq/)
Hosted by ForumTopics.com | Terms of Service
phpBB Customizations by the phpBBDoctor.com
Shameless plug for MomentsOfLight.com Moments of Light Logo