Testing Active Directory Connection

These are the assumptions about the environment (local network):

• Internal domain name: yourcompany.local
• Domain controller server name: server.yourcompany.local
• LDAP port: default (389)
• codeBeamer server can resolve the host address/name: server.yourcompany.local
  This can be verified, for example,by ping command: ping server.yourcompany.local
  

Steps to follow:

1. In you active directory, create new organizational unit 'CBTEST'
   
2. In the 'CBTEST' organizational unit, create a new account: 'cbuser'
   Pre-Windows 2000, your user logon name should look be: yourcompany\cbuser
   Your user logon name should look like: cbuser@yourcompany.local
   First/Last name doesn't really matter, but will get significance later at verification
   For the sake of simplicity. uncheck "User must change password at next logon"
   
3. Verify that cbuser can login to your domain (e.g. login from a workstation with its credentials)
   
4. In codeBeamer go to System Administration > User Authentication
   
5. Enter the following configuration settings:
   
   • LDAP/Active Directory Server section
     Server URL(s): ldap://srvr.local.local:389
     Base domain: dc=yourcompany,dc=local
     Username: administrator (a user with proper LDAP access)
     Password: (administrator password)
     
   • Search user section
     in (not with): ou=CBTEST
     
     At this point leave all the other entries on default:
     
     
     
6. Under the section "Test authentication against LDAP/Active Directory", enter cbuser and its password, and click on Test
   
7. If the test is successful, the following message is displayed, and a new column appears in the right side panel with the header Response from LDAP listing the returned attributes (e.g. first/last name)
   The test user is successfully authenticated, please verify the mapped content below!
   

Error message examples when the test fails:

• You must change you password before you can log in!Step 2. and 3. were not done correctly.
• Please enter your password!No password is specified for the test user (cbuser)
• The entered username is invalid!Incorrect test user name
  Search user conditions are incorrect (alternatively you can try to wipe out the in field and make sure "recursively" option is checked)
  
• LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is java.util.NoSuchElementException: Could not create a validated object, cause: ValidateObject failedBase domain is incorrect
  No password is specified for the server connection user (administrator)
  
• LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0]Server connection user and/or password is incorrect (administrator)
• LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is org.springframework.ldap.CommunicationException: srvrx.local.local:389; nested exception is javax.naming.CommunicationException: server.yourcompany.local:389 [Root exception is java.net.UnknownHostException: server.yourcompany.local]Server name is incorrect or cannot be resolved