You are not logged in. Click here to log in.

codebeamer Application Lifecycle Management (ALM)

Search In Project

Search inClear

Tags:  not added yet

Testing Active Directory Connection

This is a tutorial on how to test LDAP connection configuration with Windows Active Directory in a simple case scenario using mostly default settings.

These are the assumptions about the environment (local network):

  • Internal domain name: yourcompany.local
  • Domain controller server name: server.yourcompany.local
  • LDAP port: default (389)
  • codeBeamer server can resolve the host address/name: server.yourcompany.local
    This can be verified, for example,by ping command: ping server.yourcompany.local

Steps to follow:

  1. In you active directory, create new organizational unit 'CBTEST'
  2. In the 'CBTEST' organizational unit, create a new account: 'cbuser'
    Pre-Windows 2000, your user logon name should look be: yourcompany\cbuser
    Your user logon name should look like: cbuser@yourcompany.local
    First/Last name doesn't really matter, but will get significance later at verification
    For the sake of simplicity. uncheck "User must change password at next logon"
  3. Verify that cbuser can login to your domain (e.g. login from a workstation with its credentials)
  4. In codeBeamer go to System Administration > User Authentication
  5. Enter the following configuration settings:
    • LDAP/Active Directory Server section
      Server URL(s): ldap://srvr.local.local:389
      Base domain: dc=yourcompany,dc=local
      Username: administrator (a user with proper LDAP access)
      Password: (administrator password)
    • Search user section
      in (not with): ou=CBTEST

      At this point leave all the other entries on default:


  6. Under the section "Test authentication against LDAP/Active Directory", enter cbuser and its password, and click on Test
  7. If the test is successful, the following message is displayed, and a new column appears in the right side panel with the header Response from LDAP listing the returned attributes (e.g. first/last name)
    The test user is successfully authenticated, please verify the mapped content below!

Error message examples when the test fails:

  • You must change you password before you can log in!Step 2. and 3. were not done correctly.
  • Please enter your password!No password is specified for the test user (cbuser)
  • The entered username is invalid!Incorrect test user name
    Search user conditions are incorrect (alternatively you can try to wipe out the in field and make sure "recursively" option is checked)
  • LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is java.util.NoSuchElementException: Could not create a validated object, cause: ValidateObject failedBase domain is incorrect
    No password is specified for the server connection user (administrator)
  • LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0]Server connection user and/or password is incorrect (administrator)
  • LDAP/Active Directory authentication failed: Failed to borrow DirContext from pool.; nested exception is org.springframework.ldap.CommunicationException: srvrx.local.local:389; nested exception is javax.naming.CommunicationException: server.yourcompany.local:389 [Root exception is java.net.UnknownHostException: server.yourcompany.local]Server name is incorrect or cannot be resolved