Rundeck + Simple AD integration

Sagi

Aug 22, 2017, 11:50:41 AM
to rundeck-discuss
We have tried LDAP authentication in rundeck. 

Configured Simple AD in AWS as LDAP.

jaas-ldap.conf



ldap {
    com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule required
    debug="true"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    providerUrl="ldap://example.ad:389"
    bindDn="DC=example,DC=ad"
    bindPassword="Password"
    authenticationMethod="simple"
    forceBindingLogin="true"
    userBaseDn="CN=administrator,CN=Users,DC=example,DC=ad"
    userRdnAttribute="sAMAccountName"
    userIdAttribute="sAMAccountName"
    userPasswordAttribute="unicodePwd"
    userObjectClass="user"
    roleBaseDn="DC=example,DC=ad"
    roleNameAttribute="sAMAccountName"
    roleUsernameMemberAttribute="cn"
    roleMemberAttribute="member"
    roleObjectClass="group"
    cacheDurationMillis="300000"
    supplementalRoles="user,jd5"
    reportStatistics="true";

};


Getting an error when logging in to Rundeck.

javax.security.auth.login.LoginException: java.lang.IllegalStateException: Unable to establish root context: [LDAP: error code 49 - Simple Bind Failed: NT_STATUS_LOGON_FAILURE]|?at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.initialize(JettyCachingLdapLoginModule.java:816)|?at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)|?at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)|?at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)|?at java.lang.reflect.Method.invoke(Method.java:498)|?at javax.security.auth.login.LoginContext.invoke(LoginContext.java:736)|?at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)|?at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)|?at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)|?at java.security.AccessController.doPrivileged(Native Method)|?at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)|?at javax.security.auth.login.LoginContext.login(LoginContext.java:587)|?at org.eclipse.jetty.jaas.JAASLoginService.login(JAASLoginService.java:241)|?at org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:52)|?at org.eclipse.jetty.security.authentication.FormAuthenticator.login(FormAuthenticator.java:192)|?at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:229)|?at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:499)|?at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:213)|?at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1097)|?at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:448)|?at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:175)|?at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1031)|?at 
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:136)|?at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)|?at org.eclipse.jetty.server.Server.handle(Server.java:446)|?at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:271)|?at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:246)|?at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:358)|?at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:601)|?at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:532)|?at java.lang.Thread.run(Thread.java:748)|
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
        at org.eclipse.jetty.jaas.JAASLoginService.login(JAASLoginService.java:241)
        at org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:52)
        at org.eclipse.jetty.security.authentication.FormAuthenticator.login(FormAuthenticator.java:192)
        at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:229)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:499)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:213)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1097)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:448)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:175)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1031)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:136)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
        at org.eclipse.jetty.server.Server.handle(Server.java:446)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:271)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:246)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:358)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:601)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:532)
        at java.lang.Thread.run(Thread.java:748


Appreciate your quick responses.

Thanks,
sg
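
Added example (not part of the original post and not Rundeck code): a small linter that reads a jaas-ldap.conf entry and flags settings that commonly produce "error code 49" bind failures or weaken the LDAP login, run here over a constructed subset of the options posted above. The userBaseDn check is a heuristic and the function names are assumptions of this example.

```python
import re

# Constructed sample: a subset of the options from the jaas-ldap.conf posted above.
POSTED = """
ldap {
    com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule required
    providerUrl="ldap://example.ad:389"
    bindDn="DC=example,DC=ad"
    bindPassword="Password"
    authenticationMethod="simple"
    userBaseDn="CN=administrator,CN=Users,DC=example,DC=ad"
    roleBaseDn="DC=example,DC=ad";
};
"""

def parse_options(text):
    """Return the key="value" options of a JAAS login module entry as a dict."""
    return dict(re.findall(r'(\w+)\s*=\s*"([^"]*)"', text))

def rdn_types(dn):
    """Attribute type of each RDN, leftmost first (escaped commas not handled)."""
    return [p.split("=", 1)[0].strip().upper() for p in dn.split(",") if "=" in p]

def lint(text):
    """Return (option, finding) tuples for an LDAP JAAS entry."""
    opts, findings = parse_options(text), []
    bind = rdn_types(opts.get("bindDn", ""))
    if bind and set(bind) == {"DC"}:
        findings.append(("bindDn", "names the domain itself, not an account; the "
                         "directory rejects the bind (LDAP result 49)"))
    # Heuristic: two leading CN components usually name one object inside a
    # container (here a user under CN=Users), not a subtree to search.
    if rdn_types(opts.get("userBaseDn", ""))[:2] == ["CN", "CN"]:
        findings.append(("userBaseDn", "looks like a single entry; point it at "
                         "the container or OU that holds the user objects"))
    if (opts.get("providerUrl", "").lower().startswith("ldap://")
            and opts.get("authenticationMethod") == "simple"):
        findings.append(("providerUrl", "simple bind over ldap:// sends the bind "
                         "and user passwords unencrypted"))
    return findings

if __name__ == "__main__":
    for option, finding in lint(POSTED):
        print(f"{option}: {finding}")
```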


