LDAP active directory Connection : LdapErr: DSID-0C090334

**elghazijamal** · 06-03-2008, 01:10 PM

Hello,
we have organisation tree like this in our Active Directory

+zakourafondation.org
|-------+ Directions des systèmes d'information (organisation unit)
|........|------- Jamal EL GHAZI (uid : j.elghazi@zakourafondation.org)
|
|-------+ Groupes (roles)
.........|-------- DSI (Contains Jamal ELGHAZI)

i want to use Directions des systèmes d'information as my OU, and Groupes as roles

i got LdapErr: DSID-0C090334 when i try to log on to Pentaho. that means information required are invalides

here, i joined XMLs config files if someone can help me with any suggestion.

Thinks in advance !

**elghazijamal** · 06-04-2008, 04:59 AM

i hope i haven't make any mistake...

**elghazijamal** · 06-04-2008, 01:40 PM

Hi,
the problem was in a french caracter "è" (extra bytes error). when i replace it whith utf-8 code "\u00E8" (in organisation unit : Direction des Systèmes d'Information by Direction des Syst\u00E8mes d'Information). the error desappears but log on failed.
so, i told to our active directory administrator to change "è" by "e"

.. and it works !!
i still have only one problem, with roles and autorities, when i log on, the list of solutions is empty, and in admin menu, i don't find Permissions tools?!!

where should i set reporsitory access??

Thinks in advance

**mlowery** · 06-08-2008, 10:37 PM

So you're successfully authenticated, but now the issue seems to be your roles. Try Turning on Security Logging to see what roles are being granted to the username.

**elghazijamal** · 06-09-2008, 11:06 AM

i have DSI, SUPPORT roles.
in log file, theres lines like :

2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/j_acegi_security_check.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/getmondrianmodel.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/getimage.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/getresource.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/admin.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/auditreport.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/auditreportlist.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/versioncontrol.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/propertieseditor.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/propertiespanel.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/subscriptionadmin.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/resetrepository.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/viewaction.*solution.admin.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/scheduleradmin.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/publish.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap] Candidate is: '/js/ajaxslt0.7/dom.js'; pattern is \A/logout.*\Z; matched=false
2008-06-09 15:17:29,573 DEBUG [org.acegisecurity.intercept.

the majority of them are matched false?!!

and in others lines, i find :

2008-06-09 15:17:29,605 DEBUG [org.acegisecurity.intercept.AbstractSecurityInterceptor] Previously Authenticated: org.acegisecurity.providers.Username...Token@12bd5a46: Username: org.acegisecurity.userdetails.ldap.L...ailsImpl@99823; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 9344C486A3BEC5508A3D18FC4219E28C; Granted Authorities: DSI, SUPPORT, Authenticated

is it normal?
Thinks

Thread: LDAP active directory Connection : LdapErr: DSID-0C090334

Thread Tools

Display

LDAP active directory Connection : LdapErr: DSID-0C090334

I do it ! :)

Posting Permissions