[Archivesspace_Users_Group] LDAP Configuration Woes

Blake Carver blake.carver at lyrasis.org
Wed Jun 28 11:00:28 EDT 2017 

Hi Jason,
I've found the settings that seem to be hard to dial in are the bind_dn / base_dn and sometimes port / encryption.
I just checked ours here (we have just a few that are using LDAP) and we've not had to change up attribute_map for anyone.

Usually base_dn was something like '"dc=example,dc=edu"' for something like example.edu

bind_dn seems to vary widely, from a simple bind at example.edu to something like  '"CN=Aspace Bind,OU=Misc,DC=example,DC=edu"'

Blake Carver
   Systems Administrator, LYRASIS




________________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Rowe, Jayson <jrowe at sebts.edu>
Sent: Wednesday, June 28, 2017 9:32:50 AM
To: archivesspace_users_group at lyralists.lyrasis.org
Subject: [Archivesspace_Users_Group] LDAP Configuration Woes

Hi,
I’m new to setting up ArchivesSpace, and I’m having trouble getting it to bind to my LDAP.

I’m getting two errors, one is a code 49 saying Invalid Credentials (which I know are correct) and then it says failed to bind to LDAP directory.

Here is what my LDAP config block looks like (scrubbed a bit for privacy):
AppConfig[:authentication_sources] = [{
                                         :model => 'LDAPAuth',
                                         :hostname => 'dc.example.com',
                                         :port => 389,
                                         :base_dn => 'dc=blah,dc=example',dc=blahblah’
                                         :username_attribute => 'SAMAccountName',
                                         :attribute_map => {:cn => :name},
                                         :bind_dn => 'sAMAccountName=ldapuser,ou=users,dc=blah,dc=example,dc=blahblah',
                                         :bind_password => 'secretpassword',
}]
This is a configuration similar to what other apps use. The only line that was really unfamiliar to us was the ‘:attribute_map=>’ line.

I’m grateful for any help the community might be able to provide.
Thank you,
Jayson Rowe
Southeastern Baptist Theological Seminary

Jayson Rowe
Software Developer, Information Technology
Editor, Between The Times
Southeastern Baptist Theological Seminary
919.761.2267 | www.sebts.edu<http://www.sebts.edu> | map<http://www.sebts.edu/student-life/campus/> | social<http://www.sebts.edu/news-resources/social_network.aspx>

[http://mailer.sebts.edu/admin/images/SEBTS-logo-email.png]

More information about the Archivesspace_Users_Group mailing list