iPlanet LDAP in 7.0

Mike Sprague

Feb 10, 2003, 11:07:56 AM
I have iPlanet LDAP working perfectly in 6.1 but can't get it to work at all
in 7.0. I used the exact same settings as far
as my iPlanet connections, baseDN etc.

I have also followed the edocs and set up a user "ldapsystem" in the group
"Administrators". This is the exception I get. I can't tell whether it's
just not hitting my ldap server or what. Again, same settings in 6.1 work
fine.

Should I have also kept the "DefaultAuthenticator" in there as well? When I
had done that none of my LDAP groups showed up and my web app didn't
authenticate against an LDAP user so I suspect it's not talking.

When I had configured this new ldap realm and before I had made it the
default, clicking on groups and users for this new
realm gave an error on the WLS console saying I didn't have an authenticator
set up.


<Feb 10, 2003 10:52:03 AM EST> <Info> <Security> <090065> <Getting boot identity from user.>
Enter username to boot WebLogic server:ldapsystem
Enter password to boot WebLogic server:
Starting WebLogic Server...
<Feb 10, 2003 10:52:16 AM EST> <Notice> <Management> <140005> <Loading configuration D:\config_70\ldapdomain\.\config.xml>
<Feb 10, 2003 10:52:22 AM EST> <Notice> <Security> <090082> <Security initializing using realm ldaprealm.>
<Feb 10, 2003 10:52:22 AM EST> <Critical> <WebLogicServer> <000364> <Server failed during initialization. Exception:java.lang.SecurityException: Authentication for user ldapsystem denied
java.lang.SecurityException: Authentication for user ldapsystem denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1028)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1166)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)
>
<Feb 10, 2003 10:52:22 AM EST> <Emergency> <WebLogicServer> <000342> <Unable to initialize the server: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user ldapsystem denied
java.lang.SecurityException: Authentication for user ldapsystem denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1028)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1166)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)
>
***************************************************************************
The WebLogic Server did not start up properly.
Exception raised:
java.lang.SecurityException: Authentication for user ldapsystem denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1028)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1166)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)
Reason: Fatal initialization exception
Throwable: java.lang.SecurityException: Authentication for user ldapsystem denied
java.lang.SecurityException: Authentication for user ldapsystem denied
    at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1028)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1166)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:697)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)

***************************************************************************


Mike Sprague

Feb 10, 2003, 2:32:25 PM
It appears that I'm not getting a connection to the ldap server. I do see
sockets established using netstat and it's the same ldap admin user and
password that I use in wls6.1. Everything is the same as 6.1 so I must be
missing something fundamental here.

Here's the error:
<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <new LDAP connection to host msprague2 port 389 use local connection is false>
<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <created new LDAP connection netscape.ldap.LDAPConnection@789869>
<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <connection failed netscape.ldap.LDAPException: error result (32); No such object>
java.lang.reflect.InvocationTargetException: netscape.ldap.LDAPException: error result (32); No such object
    at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4852)
    at netscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1757)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1303)
    at netscape.ldap.LDAPConnection.bind(LDAPConnection.java:1613)
    at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:3149)
    at weblogic.security.utils.Pool.getInstance(Pool.java:57)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:2828)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.authenticate(LDAPAtnDelegate.java:2864)
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:168)


Here's more of the debug output, showing my LDAP settings.

<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <AuthorizationManager.initialize found 1 AccessDecisions of which 1 are deployable and 1 adjudicator>
<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <Created LDAPAtnDelegate = LDAPAtnDelegate: null, realm = null
user: person,uid,null
userDN: ou=people, dc=cow, scope: subtree
userFilters: (&(uid=%u)(objectclass=person)) ,(objectclass=person)
groupDN: ou=groups, dc=cow, scope: subtree
groupFilters: (&(cn=%g)(objectclass=groupofuniquenames)) ,(|(objectclass=groupofuniquenames)(objectclass=groupofURLs))
sgroup: groupofuniquenames,cn,member
sgroupFilters: (&(uniquemember=%M)(objectclass=groupofuniquenames))
dgroup: groupofURLs,cn,memberURL
weblogic.security.utils.LDAPServerInfo@2fae4a>
<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <Initialized LDAP authentication>


Mike Sprague

Feb 10, 2003, 5:45:12 PM
I finally got it. I had the wrong principal:

was:
admin

is:
uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
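
Added example (not part of the original thread, and not BEA or Netscape code): a small Python triage helper for the failure discussed above. It pulls the LDAP result code out of SecurityDebug output and flags a configured Principal that is a bare name rather than a DN. The names `diagnose`, `looks_like_dn` and `BIND_HINTS` are hypothetical, and the DN check is a simplified shape test.

```python
import re

# LDAP result codes (RFC 4511) most often seen when the provider's own bind fails.
BIND_HINTS = {
    32: "noSuchObject: the bind DN does not name an entry; is Principal a full DN?",
    34: "invalidDNSyntax: Principal is not a well-formed DN",
    49: "invalidCredentials: the DN exists but the password was rejected",
}

# Tolerates the hard line wrapping seen in console and newsreader copies of the log.
_RESULT = re.compile(r"LDAPException:\s*error\s+result\s*\((\d+)\)")
# Simplified RDN shape (attr=value); escaped commas in values are not handled.
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^=,]+$")


def looks_like_dn(principal):
    """True when every comma-separated component has attr=value form."""
    return all(_RDN.match(part) for part in principal.split(","))


def diagnose(log_text, principal):
    """Return (code, hint) findings for failed binds in SecurityDebug output."""
    codes = []
    for match in _RESULT.finditer(log_text):
        code = int(match.group(1))
        if code not in codes:  # the same failure is logged more than once
            codes.append(code)
    findings = [(c, BIND_HINTS.get(c, "see the RFC 4511 result code list")) for c in codes]
    if findings and not looks_like_dn(principal):
        findings.append((None, f"Principal {principal!r} is a bare name, not a DN"))
    return findings


# Sample input: the failure lines from the second post, line wrapping removed.
SAMPLE_LOG = (
    "<Feb 10, 2003 2:02:55 PM EST> <Debug> <SecurityDebug> <000000> <connection "
    "failed netscape.ldap.LDAPException: error result (32); No such object>\n"
    "java.lang.reflect.InvocationTargetException: netscape.ldap.LDAPException: "
    "error result (32); No such object\n"
)

if __name__ == "__main__":
    for principal in ("admin",
                      "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"):
        print(principal)
        for code, hint in diagnose(SAMPLE_LOG, principal):
            print("   ", code, hint)
```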