CloudPortal Business Manager 1.x


CPBM 1.4.3 and LDAP

Hey all,

I run two CPBM servers in version 1.4.3 and CS 3.0.5.

Now, I want to enable LDAP authentication against a central Active Directory.

To enable LDAP, I set ldap.enable in the CPBM UI to true.

After that, I edited my cloud.properties file:

ldap.url=ldap://hostnameofmyDC:389
ldap.base=DC=tus,DC=tc,DC=internal
ldap.userdn=CN=ldap_cpbm,OU=CPBM,OU=Dienstkonten,DC=tus,DC=tc,DC=internal
ldap.password=PW123

I want CPBM to search in the root of the domain and not in a special OU, so I set the domain DN as ldap.base.

When I create an account in CPBM, I get a message that something went wrong and I should contact technical support.

The Catalina log shows me the following:

Error details:
______________

org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=tus,DC=tc,DC=internal'
]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=tus,DC=tc,DC=internal'
]; remaining name 'ou=AA000008,ou=Default'
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:174)
at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:810)
at org.springframework.ldap.core.LdapTemplate.executeReadWrite(LdapTemplate.java:802)

Normally, LDAP error 32 indicates that the base DN is invalid or the bind user does not have the necessary rights to browse AD.

From my side, the base DN is correct, it's the right domain syntax and an LDAP browser shows me the same value. The user for the base DN has standard domain user rights and should be able to browse AD.

Does anybody know what the failure is?

Thanks


Marcel Keller MEMBERS

The LDAP 32 error may have been caused by an OU mismatch. It's looking for ou='Default', but you have 'OU=CPBM'.


Wan-Har Liang CITRIX EMPLOYEES

Hey Wan,

Interesting. Is this by design? Does the CPBM LDAP service look for Default?

BR


Marcel Keller MEMBERS

Yes, it expects the channel name to match the ou name. You can try changing the ou name or the channel name to see if that fixes the problem.


Wan-Har Liang CITRIX EMPLOYEES

Hey Wan,

Thanks, I understand.

So, that basically means that it's not possible to configure CPBM to search at domain level...

But is it possible to use two channels and configure LDAP to look in both?


Marcel Keller MEMBERS

Unfortunately no. If an account/tenant belongs to one channel (ou), it will only be searched for in that channel (ou).


Wan-Har Liang CITRIX EMPLOYEES
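
The reading of the error 32 message discussed in this thread, as an added example that is not part of any post and is not CPBM code: it parses the exception text, rebuilds the DN that was requested, and lists the containers missing below the "best match". It assumes the "remaining name" is relative to ldap.base; the function names and the returned field names are made up for this example.

```python
import re

# Constructed sample: the Catalina log excerpt from the question, one exception only.
SAMPLE_LOG = """org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=tus,DC=tc,DC=internal'
]; remaining name 'ou=AA000008,ou=Default'"""

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    return [part.strip() for part in re.split(r"(?<!\\),", dn) if part.strip()]

def norm(rdn):
    """Normalise an RDN for comparison (attribute type and value lower-cased)."""
    attr, _, value = rdn.partition("=")
    return attr.strip().lower(), value.strip().lower()

def diagnose(log_text, ldap_base):
    """Explain an LDAP error 32: which DN was requested and where the path breaks.

    Assumption: 'remaining name' is relative to ldap_base.
    Returns None when the text is not a complete error-32 message.
    """
    code = re.search(r"LDAP: error code (\d+)", log_text)
    best = re.search(r"best match of:\s*'([^']*)'", log_text)
    rest = re.search(r"remaining name '([^']*)'", log_text)
    if not (code and best and rest) or code.group(1) != "32":
        return None
    wanted = split_dn(rest.group(1)) + split_dn(ldap_base)
    found = split_dn(best.group(1))
    tail = wanted[len(wanted) - len(found):]
    if len(found) > len(wanted) or [norm(r) for r in tail] != [norm(r) for r in found]:
        # Best match is not an ancestor of the requested DN: the base is suspect.
        return {"requested": ",".join(wanted), "deepest_existing": ",".join(found),
                "missing": None, "base_ok": False}
    return {
        "requested": ",".join(wanted),
        "deepest_existing": ",".join(found),
        "missing": wanted[:len(wanted) - len(found)],  # leaf first, as in the DN
        "base_ok": len(found) >= len(split_dn(ldap_base)),
    }

if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG, "DC=tus,DC=tc,DC=internal"))
```

For the log in the question, base_ok is true and the missing list ends in ou=Default: the base DN resolved, and the lookup failed on the container directly beneath it.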