LDAP configuration in RS2.2.2

michael15 · 2015-06-11 12:57:09

Hello

How can I LDAP configure in RS 2.2.2. Is this actuel for RS 2.2.2?
http://blog.datenwerke.net/2013/08/Repo … ation.html

Must I in script only this configure?

lul.setProviderUrl("ldap://directory.example.com:389");
lul.setSecurityPrincipal("CN=ldaptest,CN=Users,DC=directory,DC=example,DC=com");
lul.setSecurityCredentials("ldaptest");

lul.setLdapBase("OU=EXAMPLE,DC=directory,DC=example,DC=com");

Thorsten J. Krause · 2015-06-11 17:18:52

Hi,

yes the instructions from the blog post will work for 2.2.2.

If you are using Microsoft ActiveDirectory this is all you need to change. In other environments additional changes might be required.

Cheers,
Thorsten

michael15 · 2015-06-12 10:35:32

When I want ldapimport.grovvy execute, I have Error:

net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
Script6.groovy: 1: expecting EOF, found 'import' @ line 1, column 14.

1 error

at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:67)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:207)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:253)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:301)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:272)
at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand.doTransactionExecute(ExecScriptCommand.java:320)
at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:66)
at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1$1.doFilter(ExecScriptCommand.java:244)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:66)
at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1.call(ExecScriptCommand.java:238)
at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1.call(ExecScriptCommand.java:1)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.lang.Thread.run(Unknown Source

Grusse
Michael

Thorsten J. Krause · 2015-06-12 12:06:52

Hi Michael,

looks like something went wrong when uploading the script to ReportServer and you ended up with some special characters at the beginning of the script.
Just try to upload it again and check if something looks funny.

Cheers,
Thorsten

michael15 · 2015-06-26 09:24:06

Hi

I have found this funny error, with firefox work better.

Now I have other Error:
"javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data 52e, v2580]"

This is invalid credentials, what should I write in "ldaptest" sAMAccountName, displayName or something else?

I have now:
lul.setProviderUrl("ldap://domain controller.domain.local:389");
lul.setSecurityPrincipal("CN=sAMAccountName,CN=Users,DC=domaincontroler,DC=domain,DC=local");
lul.setSecurityCredentials("sAMAccountName password");

lul.setLdapBase("OU=test,DC=domaincontroler,DC=domain,DC=local");

Thorsten J. Krause · 2015-06-26 10:16:14

Hi Michael,

the security credentials are just the password.
Most likely your security principal is incorrect. It does not use the account name, but the users full name. If you have access to the domain controller (or can ask someone who has) check the users properties. the security principal ist the "distinguishedName" Attribute. http://s.co.tt/wp-content/uploads/2015/ … edName.png

Cheers,
Thorsten

michael15 · 2015-07-09 12:12:48

Hi

Thanks for answer.
I have now users in RS but they can't login to RS. I have LDAP:error code 49 - 80090308, DSID-0C0903C8 data 531, v2580. How credentials must I give users? RS access they have.

Thorsten J. Krause · 2015-07-09 13:07:43

Hi Michael,

error 531 is (http://ldapwiki.willeke.com/wiki/Common … d%20Errors):
ERROR_INVALID_WORKSTATION Device Restriction:Entry not allowed to log on to this computer.

In order to verify a users credentials reportserver tries to bind to active directory as this user. It looks as if you have a policy in place that disallows this.

Cheers,
Thorsten

michael15 · 2015-07-10 09:51:26

Hi Thorsten

Now works fine after permission for RS Service changed.
Can I autologin whith LDAP User?

ReportServer Forum

#1 2015-06-11 12:57:09

LDAP configuration in RS2.2.2

#2 2015-06-11 17:18:52

Re: LDAP configuration in RS2.2.2

#3 2015-06-12 10:35:32

Re: LDAP configuration in RS2.2.2

#4 2015-06-12 12:06:52

Re: LDAP configuration in RS2.2.2

#5 2015-06-26 09:24:06

Re: LDAP configuration in RS2.2.2

#6 2015-06-26 10:16:14

Re: LDAP configuration in RS2.2.2

#7 2015-07-09 12:12:48

Re: LDAP configuration in RS2.2.2

#8 2015-07-09 13:07:43

Re: LDAP configuration in RS2.2.2

#9 2015-07-10 09:51:26

Re: LDAP configuration in RS2.2.2

Board footer