LDAP authentication via a search of AD

MalcA, Apr 24 2013 — edited May 14 2013
I am using the procedure from 1838977 and it works a treat. Running via APEX SQL Workshop:
....
l_ldap_user := 'cn=John Smith,ou=ABC Users,ou=ABC,dc=abc,dc=corp';
....
results in:
Return value: 0
Statement processed.
0.01 seconds
This is good, but the users don't want to log in using "John Smith", they want to enter their uid "jsmith". I have tried simply substituting the cn= for uid=:
....
l_ldap_user := 'uid=jsmith,ou=ABC Users,ou=ABC,dc=abc,dc=corp';
....
but this results in:
ldap session             : 01000000(returned from init)
error: ORA-31202: DBMS_LDAP: LDAP client/server error: Invalid credentials. 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece -31202
user: uid=jsmith,ou=ABC Users,ou=ABC,dc=abc,dc=corp
host: abc.corp
port: 389
The "525" in the above line means "user not found":

52e invalid credentials
525 user not found
530 not permitted to logon at this time
531 not permitted to logon at this workstation
532 password expired
533 account disabled
701 account expired
773 user must reset password

I was hoping to just be able to substitute cn= for uid= but it does not work in this case. I may have simply got the uid wrong, but I'm assured it is correct for the username I am using. Any ideas would be appreciated.

regards,
Malcolm.
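
One way to do the search the title refers to, as an added example that is not part of the original post or thread: bind with a lookup account, find the entry whose sAMAccountName matches the typed login, then bind as the DN that entry actually has. The function name, the lookup account DN and password, and the use of sAMAccountName as the login attribute are assumptions; host, port and search base are taken from the post.

```sql
CREATE OR REPLACE FUNCTION ad_search_auth (   -- hypothetical name
  p_username IN VARCHAR2,
  p_password IN VARCHAR2
) RETURN BOOLEAN
IS
  l_host   CONSTANT VARCHAR2(100) := 'abc.corp';                            -- from the post
  l_port   CONSTANT PLS_INTEGER   := 389;                                   -- from the post
  l_base   CONSTANT VARCHAR2(200) := 'ou=ABC Users,ou=ABC,dc=abc,dc=corp';  -- from the post
  -- Placeholders (assumption): a low-privilege account used only for the lookup.
  l_svc_dn CONSTANT VARCHAR2(200) := 'cn=LOOKUP_ACCOUNT_PLACEHOLDER,dc=abc,dc=corp';
  l_svc_pw CONSTANT VARCHAR2(200) := 'LOOKUP_PASSWORD_PLACEHOLDER';
  l_session DBMS_LDAP.session;
  l_attrs   DBMS_LDAP.string_collection;
  l_result  DBMS_LDAP.message;
  l_user_dn VARCHAR2(1000);
  l_rc      PLS_INTEGER;
  l_ok      BOOLEAN := FALSE;
BEGIN
  -- A simple bind with an empty password is an unauthenticated bind and can
  -- return success, so reject it up front ('' is NULL in Oracle).
  -- The allow-list keeps the login name from changing the search filter.
  IF p_username IS NULL OR p_password IS NULL
     OR NOT REGEXP_LIKE(p_username, '^[A-Za-z0-9._-]{1,64}$') THEN
    RETURN FALSE;
  END IF;
  DBMS_LDAP.use_exception := TRUE;   -- LDAP errors raise instead of returning a code
  l_session := DBMS_LDAP.init(l_host, l_port);
  BEGIN
    -- Step 1: bind as the lookup account and find the user's real DN.
    l_rc := DBMS_LDAP.simple_bind_s(l_session, l_svc_dn, l_svc_pw);
    l_attrs(1) := '1.1';             -- request no attributes, only the DN is needed
    l_rc := DBMS_LDAP.search_s(l_session, l_base, DBMS_LDAP.SCOPE_SUBTREE,
              '(&(objectClass=user)(sAMAccountName=' || p_username || '))',
              l_attrs, 0, l_result);
    -- Exactly one match, otherwise refuse the login.
    IF DBMS_LDAP.count_entries(l_session, l_result) = 1 THEN
      l_user_dn := DBMS_LDAP.get_dn(l_session,
                     DBMS_LDAP.first_entry(l_session, l_result));
      -- Step 2: re-bind as that DN with the password the user typed.
      l_rc := DBMS_LDAP.simple_bind_s(l_session, l_user_dn, p_password);
      l_ok := TRUE;
    END IF;
  EXCEPTION
    WHEN OTHERS THEN l_ok := FALSE;  -- any LDAP error counts as a failed login
  END;
  l_rc := DBMS_LDAP.unbind_s(l_session);
  RETURN l_ok;
END ad_search_auth;
/
```

On port 389 a simple bind carries the password in clear text; `DBMS_LDAP.open_ssl` with a wallet on the LDAPS port avoids that.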
Post Details
Locked on Jun 11 2013
Added on Apr 24 2013