openam can't authenticate opendj


This topic has 5 replies, 4 voices, and was last updated 5 years, 4 months ago by Imi.

  • #14810
     bilalusean
    Participant

    I got the below "Unable to authenticate to datastore" error during OpenAM configuration:

    https://postimg.org/image/3mwi2322h/

    Below is the status of my OpenDJ:

    https://postimg.org/image/47gcm3tvr/

    Any help would be appreciated.

    Thanks!

    • This topic was modified 5 years, 9 months ago by bilalusean.
    #14813
     Brad Tumy
    Participant

    I assume you’ve checked the usual suspects?

    – Is the DJ instance currently running (netstat -an | grep 389)
    – Are you sure that the password is correct?
    – Can you confirm that you can connect via command (e.g. Ldapbind or ldapsearch) or have you tried using an ldap client (e.g. Apache Directory Studio)?
    – Depending on your OS and/or firewall rules (e.g. RHEL) could port 389 be blocked?

    #14814
     bilalusean
    Participant

    Thanks for the quick reply.

    netstat and telnet both check out correctly, so I don’t have a firewall issue.

    https://postimg.org/image/wy94tbqpl/

    When I run ./status in OpenDJ it asks for a password and it accepts my password, so the password is also correct.

    I believe maybe I made a mistake in the OpenDJ configuration. I am new to this, so I can’t find it easily.

    Below is my attempt to test with ldapsearch:

    ldapsearch -x -D "dc=forge,dc=gworks,dc=mobi" -W -H forge.gworks.mobi -b "dc=forge,dc=gworks,dc=mobi"

    It throws an error like: Could not parse LDAP URI(s)=forge.gworks.mobi (3)

    • This reply was modified 5 years, 9 months ago by bilalusean.
    #14817
     Brad Tumy
    Participant

    It might be the domain name, not really sure. One way to test is to edit the /etc/hosts and change to something like ldap.example.com (3 character TLD vs 4 character). Test with that and see if your results are any different.

    Also, “-D” is the bindDN (e.g. username … I would expect something like “uid=jdoe,ou=people,dc=forge,dc=gworks,dc=mobi”). In your ldapsearch you specified a suffix and not an entry.

    #14828
     Ludo
    Moderator

    The ldapsearch command used is the Linux command, which expects the -H parameter to be an LDAP URI, i.e. ldap://forge.gworks.mobi/

    You might want to use the OpenDJ command line utilities, located under your instance/bin directory, which have different options and parameters but are fully documented in OpenAM and OpenDJ manuals.
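
Added example (not part of any post in this thread, and not ForgeRock or OpenLDAP code): a shell pre-flight for the two argument problems pointed out in the replies above, a bare host name passed to -H and a suffix used as the -D bind DN. The function names are hypothetical, the DN comparison is a simplified normalisation (lower-casing, trimming spaces around commas), and the sample values are the ones posted in the thread.

```shell
#!/bin/sh
# Turn a bare host name into the LDAP URI that OpenLDAP's ldapsearch -H expects.
# Existing ldap://, ldaps:// and ldapi:// URIs are passed through unchanged.
to_ldap_uri() {
    host=$1 port=${2:-389}
    case $host in
        ldap://*|ldaps://*|ldapi://*) printf '%s\n' "$host" ;;
        *://*) echo "unsupported scheme: $host" >&2; return 1 ;;
        '')    echo "empty host" >&2; return 1 ;;
        *)     printf 'ldap://%s:%s\n' "$host" "$port" ;;
    esac
}

# Simplified DN normalisation (assumption: no escaped commas in the DN).
norm_dn() { printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/ *, */,/g'; }

# Classify a bind DN relative to the search base:
#   suffix  - it is the base itself (a naming context, not an account)
#   entry   - it sits below the base
#   outside - anything else, e.g. an administrative DN kept elsewhere
classify_bind_dn() {
    bind=$(norm_dn "$1") base=$(norm_dn "$2")
    case $bind in
        "$base")   echo suffix ;;
        *,"$base") echo entry ;;
        *)         echo outside ;;
    esac
}

# Print a corrected ldapsearch command line, or explain what is wrong.
# Arguments: host-or-URI, bind DN, base DN.
build_ldapsearch() {
    uri=$(to_ldap_uri "$1") || return 1
    if [ "$(classify_bind_dn "$2" "$3")" = suffix ]; then
        echo "bind DN '$2' is the suffix, not an entry; use an account DN" >&2
        return 2
    fi
    printf 'ldapsearch -x -H %s -D "%s" -W -b "%s"\n' "$uri" "$2" "$3"
}

# As posted in the thread: bare host, suffix used as the bind DN.
build_ldapsearch forge.gworks.mobi \
    "dc=forge,dc=gworks,dc=mobi" "dc=forge,dc=gworks,dc=mobi" \
    || echo "arguments rejected, see message above"

# With the entry-style bind DN suggested in the reply.
build_ldapsearch forge.gworks.mobi \
    "uid=jdoe,ou=people,dc=forge,dc=gworks,dc=mobi" "dc=forge,dc=gworks,dc=mobi"
```
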

    #17396
     Imi
    Participant

    I have the same problem. Did you find any solution?
