#1 2015-06-11 12:57:09

michael15
Member
Registered: 2015-06-11

LDAP configuration in RS2.2.2

Hello

How can I LDAP configure in RS 2.2.2. Is this actuel for RS 2.2.2?
http://blog.datenwerke.net/2013/08/Repo … ation.html

Must I in script only this configure?

lul.setProviderUrl("ldap://directory.example.com:389");
lul.setSecurityPrincipal("CN=ldaptest,CN=Users,DC=directory,DC=example,DC=com");
lul.setSecurityCredentials("ldaptest");

lul.setLdapBase("OU=EXAMPLE,DC=directory,DC=example,DC=com");

Offline

#2 2015-06-11 17:18:52

Thorsten J. Krause
Guest

Re: LDAP configuration in RS2.2.2

Hi,

yes the instructions from the blog post will work for 2.2.2.

If you are using Microsoft ActiveDirectory this is all you need to change. In other environments additional changes might be required.

Cheers,
Thorsten

#3 2015-06-12 10:35:32

michael15
Member
Registered: 2015-06-11

Re: LDAP configuration in RS2.2.2

When I want ldapimport.grovvy execute, I have Error:

net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
Script6.groovy: 1: expecting EOF, found 'import' @ line 1, column 14.

1 error

    at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:67)
    at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:207)
    at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:253)
    at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:301)
    at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:272)
    at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand.doTransactionExecute(ExecScriptCommand.java:320)
    at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:66)
    at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1$1.doFilter(ExecScriptCommand.java:244)
    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:66)
    at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)
    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)
    at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
    at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
    at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1.call(ExecScriptCommand.java:238)
    at net.datenwerke.rs.scripting.service.scripting.terminal.commands.ExecScriptCommand$1.call(ExecScriptCommand.java:1)
    at java.util.concurrent.FutureTask.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source


Grusse
Michael

Offline

#4 2015-06-12 12:06:52

Thorsten J. Krause
Guest

Re: LDAP configuration in RS2.2.2

Hi Michael,

looks like something went wrong when uploading the script to ReportServer and you ended up with some special characters at the beginning of the script.
Just try to upload it again and check if something looks funny.

Cheers,
Thorsten

#5 2015-06-26 09:24:06

michael15
Member
Registered: 2015-06-11

Re: LDAP configuration in RS2.2.2

Hi

I have found this funny error, with firefox work better.

Now I have other Error:
"javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data 52e, v2580]"

This is invalid credentials, what should I write in "ldaptest" sAMAccountName, displayName or something else?

I have now:
lul.setProviderUrl("ldap://domain controller.domain.local:389");
        lul.setSecurityPrincipal("CN=sAMAccountName,CN=Users,DC=domaincontroler,DC=domain,DC=local");
        lul.setSecurityCredentials("sAMAccountName password");

        lul.setLdapBase("OU=test,DC=domaincontroler,DC=domain,DC=local");

Offline

#6 2015-06-26 10:16:14

Thorsten J. Krause
Guest

Re: LDAP configuration in RS2.2.2

Hi Michael,

the security credentials are just the password.
Most likely your security principal is incorrect. It does not use the account name, but the users full name. If you have access to the domain controller (or can ask someone who has) check the users properties. the security principal ist the "distinguishedName" Attribute. http://s.co.tt/wp-content/uploads/2015/ … edName.png

Cheers,
Thorsten

#7 2015-07-09 12:12:48

michael15
Member
Registered: 2015-06-11

Re: LDAP configuration in RS2.2.2

Hi

Thanks for answer.
I have now users in RS but they can't login to RS. I have LDAP:error code 49 - 80090308, DSID-0C0903C8 data 531, v2580. How credentials must I give users? RS access they have.

Offline

#8 2015-07-09 13:07:43

Thorsten J. Krause
Guest

Re: LDAP configuration in RS2.2.2

Hi Michael,

error 531 is (http://ldapwiki.willeke.com/wiki/Common … d%20Errors):
ERROR_INVALID_WORKSTATION Device Restriction:Entry not allowed to log on to this computer.

In order to verify a users credentials reportserver tries to bind to active directory as this user. It looks as if you have a policy in place that disallows this.

Cheers,
Thorsten

#9 2015-07-10 09:51:26

michael15
Member
Registered: 2015-06-11

Re: LDAP configuration in RS2.2.2

Hi Thorsten

Now works fine after permission for RS Service changed.
Can I autologin whith LDAP User?

Offline

Board footer

Powered by FluxBB