Project and Portfolio Management Practitioners Forum
cancel

Configuring authentication with Secure LDAP

Highlighted
Jim Esler
Acclaimed Contributor.

Configuring authentication with Secure LDAP

We have been using LDAP for a long time for user authentication and are now looking at modifying the process to use Secure LDAP. We have followed the directions in the admin guide but authentication fails. The error in the log file is:

 

         The LDAP Server could not be reached. Please validate the LDAP_URL parameter in the server.conf file. (KNTA-10843)

 

The LDAP server is accessible from the PPM server and telnet can connect to the secure LDAP port.

 

We are experimenting with this on a 9.12 instance but the directions for configuring Secure LDAP are the same as in the 7.5 documentation. Any ideas what may be wrong?

4 REPLIES
Utkarsh_Mishra
Acclaimed Contributor.

Re: Configuring authentication with Secure LDAP

Are you using the old JAVA or have you update the JAVA prior to LDAP configuration...?

 

IF you have updated the JAVA or you have not installed the SSL cert previously... then you need to install the SSL certificates on your server.

Cheers..
Utkarsh Mishra

-- Remember to give Kudos to answers! (click the KUDOS star)
Jim Esler
Acclaimed Contributor.

Re: Configuring authentication with Secure LDAP

The Java install has not been modified. The certs were installed as described in the admin guide.

Utkarsh_Mishra
Acclaimed Contributor.

Re: Configuring authentication with Secure LDAP

can you check again... as this issue is only coming when the LDAP URL is incorrect or the certifcates are missing.

 

Check the certificate list by this command: (modify the Java path)

 

/opt/java1.5/jre/bin/keytool -list -v -keystore /opt/java1.5/jre/lib/security/cacerts

Cheers..
Utkarsh Mishra

-- Remember to give Kudos to answers! (click the KUDOS star)
Jim Esler
Acclaimed Contributor.

Re: Configuring authentication with Secure LDAP

You are correct that the problem was with the certificates and certificate processing. I had mistyped the server.conf entry for:

 

com.kintana.core.server.LDAP_KEYSTORE_PASSWORD

 

so the certificate file could not be processed. Not what I would expect from the text in the error message.

 

There was another issue, too, because a key line in java.security had been commented out, resulting in a java.security.NoSuchAlgorithmException error. Uncommenting the line enabled the process to work properly.