[ome-users] ome-users Digest, Vol 104, Issue 1

Jake Carroll jake.carroll at uq.edu.au
Sun Nov 3 20:21:27 GMT 2013


Yep.

Happy to help out, too. It took a good few hours of skull-sweat to figure
it out unfortunately. One of my guys said:

³Have you considered that your AD server is indeed an LDAP provider too,
but think of it as being more Œfully fleshed out¹².

At that point I realised our default LDAP provider didn¹t provide full
detail in the form of FQDN¹s for DN¹s/CN¹s, such that I needed the detail
that came from AD instead.

So, I guess the point therein, is that Omero seems to play nicely with
AD¹s LDAP information that one can obtain through the JDNI, but the JDNI
itself seems extremely picky with relation to how it parses FQDN (dc=,
dc=, dc=, c=blah) style strings and patterns. Not sure why, have not
looked enough yet at the API.


-jc

On 4/11/2013 5:54, "Josh Moore" <josh at glencoesoftware.com> wrote:

>This thread along with the one on the forums
>(http://lists.openmicroscopy.org.uk/pipermail/ome-users/2013-November/0040
>32.html)
>were solved by changing configuration properties to use the full
>Active Directory values. E.g.:
>
>omero.ldap.base=OU=Deputy Vice-Chancellor
>(Academic),OU=Vice-Chancellor,DC=...
>omero.ldap.urls=ldap://ad.cc...:389
>omero.ldap.username=CN=Active Directory Admin Account - OU=Deputy
>Vice-Chancellor
>(Academic),OU=Vice-Chancellor,...
>
>Hopefully we can incorporate more specific AD-examples to help other
>users. (Feedback welcome!)
>~J




More information about the ome-users mailing list