Full_Name: Adolfo Cortés Version: openldap-2.3.43-12.el5 OS: CentOS release 5.2 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (62.15.226.90)
I try to connect to an Active directory from a java application using JNDI /OpenLDAP openldap-2.3.43-12.el5 in CentOS release 5.2
When i did a search i get a CommunicationException Error : javax.naming.CommunicationException: xxxxxxxx.es:636 [Root exception is java.net.UnknownHostException: xxxxxxxx.es]]
xxxxxxxx.es:636 is reachable and another operations over LDAP as create user goes fine.
I see that the problem is related to the DNS configuration: the Active Directory server DNS is aaaaa.bbbbb.xxxxxxxx.es but the base search is only xxxxxxxx.es
when I do the search i get the exception because it takes xxxxxxxx.es instead of ssss.xxxxxxxx.es to perform the operation.
I tried to solve it adding xxxxxxxx.es to hosts and writing the same IP of aaaaa.bbbbb.xxxxxxxx.es , so the bypass works and the connection goes but now i have a new problem, when i execute the search it connects but retrieves a Referral Limit Exception, iŽm thinking because there are jumps or confussion between aaaaa.bbbbb.xxxxxxxx.es and xxxxxxxx.es because of the hosts bypass i did.
So my workaround doesnŽt works and i need to know or solve the connection problem for use subdomain DNS and domain in search base.
Connection Parameters: everytihg goes right, is interesting the url, using not secure ldap protocol I also get the same error.
[url: ldaps://aaaaa.bbbbb.xxxxxxxx.es] java.naming.security.authentication:simple Usuario mypassword@bbbbb.xxxxxxxx.es] Password[getLDAPropertiesSSL]:mypassword] keystore[getLDAPropertiesSSL]:/opt/java/jre/lib/security/jssecacerts trustStore[getLDAPropertiesSSL]:/opt/java/jre/lib/security/jssecacerts Especificacion uso SSL[getLDAPPropertiesSSL]java.naming.security.protocol ssl
Search details: see that base DC is xxxxxxxx.es
[base: OU=YYY,DC=xxxxxxxx,DC=es] [searchFilter: (&(objectClass=group)(cn={0}))] [filterArgs: new String[] {Usuarios}] [searchControls: SUBTREE_SCOPE, Atributes null, returningobjflag true]
This Hosts file doesnŽt produce the Communication ERROR aaaaa.bbbbb.xxxxxxxx.es ccc.ccc.ccc.ccc xxxxxxxx.es ccc.ccc.ccc.ccc
With this hosts file i get the Communication ERROR aaaaa.bbbbb.xxxxxxxx.es ccc.ccc.ccc.ccc
If i try this search directly in the AD server console, it works giving me the results.
Thanks in advance, Adolfo