LDAP on new XNAT

Qurban Mohebi

unread,

Jul 7, 2025, 3:42:31 PMJul 7

to xnat_discussion

Hi,

I am very new to XNAT and have been doing some POC. I have my XNAT running in Docker environment, can receive dicom images from a modality and can do DQR.

I am now struggling to set up LDAP using AD and I am getting the following error:

2025-07-05 14:56:12,210 [http-nio-8080-exec-4] WARN org.nrg.xnat.security.XnatProviderManager - 1 provider IDs are enabled, but don't have configured definitions: ad

I am not sure why XNAT is not able to find my .properties file. To ensure I have got the correct {XNAT_HOME}/config/auth I have the provider.properties file in two locations:

xnat-data/home/config/auth
/xnat/config/auth

Here is my provider.properties:
name=Active Directory
provider.id=ad
auth.method=ldap
visible=true
address=ldap://address/to/server:389
userdn=CN=**,OU=Generic Accounts,OU=**=net,DC=**DC=**,DC=**
password=*********
search.base=DC=**,DC=**,DC=***,DC=***
search.filder=(sAMAccountName={0})
auto.enabled=false
auto.verified=false

please note, I have the same AD config file for python LDAP and I have no issue authenticating with python.

plug: ldap-auth-plugin-1.2.1.jar
XNAT: 1.9.1.2, build: 132

Rick Herrick

unread,

Jul 7, 2025, 6:40:49 PMJul 7

to xnat_di...@googlegroups.com

Your properties file should be in a folder named auth right under the same file where your xnat-conf.properties file is located. If your XNAT is coming up properly, it must be finding that properties file, so just make sure you have your provider properties underneath that. For example, if your configuration file is in /home/xnat/config/xnat-conf.properties, then your provider definition should be in /home/xnat/config/auth/ad-provider.properties.

Also, make sure the name of your provider definition file matches the pattern *-provider.properties, e.g. something like ad-provider.properties should be good.

Lastly, make sure the file is readable (preferably owned) by the Tomcat user. For example, one of my provider definitions on a dev stack looks like this:

# ls -l config/auth/xxx-provider.properties
-rw-r----- 1 tomcat tomcat 321 May 20 16:45 config/auth/xxx-provider.properties

If the file's not owned by the Tomcat user you need to make sure it has read permissions for a group that contains that user or have world read permissions: chmod 644 config/auth/ad-provider.properties

Let us know if this helps you get this fixed.

Rick Herrick

Senior Software Developer

ri...@xnatworks.io

https://xnatworks.io | Find us on LinkedIn!

--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/xnat_discussion/da62513f-bf54-4fe1-aed9-26b25a169fcan%40googlegroups.com.

Qurban Mohebi

unread,

Jul 9, 2025, 12:36:36 AMJul 9

to xnat_di...@googlegroups.com

Hi Rick,

Thank you for the pointers. The solution is still eluding me. I am running my XNAT on Docker with a build provided by NrgXnat.

I took your guidance and searched for xnat-conf.properties on my Linux instance (sudo find / -name " xnat-conf.propertie) to make sure I am creating the .properties in the correct directory. This only found the config file xnat-conf.properties in the tomcat docker overlay volume, which matched the path: /home/xnat/config/xnat-conf.properties. I then accessed the Tomcat docker files system and created an auth folder ( home/xnat/config/auth/ad-provider.properties ) and saved the properties file ../ad-provider.properties. Restarted the Tomcat docker container, but immediately got a 404 when browsing to xnat.

I have also ensured that the ad-provider.properties has the same permissions as xnat-conf.properties

To view this discussion visit https://groups.google.com/d/msgid/xnat_discussion/CAFykhbAxj4B436npa3GTY4mun%2BNDFYY2BDaSzMwva%2B7m5aRZTg%40mail.gmail.com.