  1. Crowd
  2. CWD-2581

Allow Crowd to integrate with Active Directory Application Mode (ADAM)

    Details

    • Type: Suggestion
    • Status: Gathering Interest
    • Resolution: Unresolved
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
      Description

      The Crowd Active Directory Connector does not work with Active Directory Application Mode (ADAM) (basically just an LDAP server). When you try to do a partial synchronization you get exceptions like:

      nested exception is javax.naming.InvalidNameException: CN=Deleted Objects,null: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BF, problem 2006 (BAD_NAME), data 8350, best match of:
      'CN=Deleted Objects,null'
      ]; remaining name 'CN=Deleted Objects,null'
      

      This is because the AD directory connector looks for an attribute of type rootDomainNamingContext on the RootDSE of the AD server. Unfortunately, this attribute does not exist on ADAM. In fact, ADAM servers will probably not have all the AD default schemas, and as such the definition of what is a user and what is a group is much less restricted. It is really up to the ADAM admin. In this way ADAM is more like a generic LDAP server.

      I guess the only complication would be how to handle the passwords.
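
The failure described above, reproduced as an added example (not part of the original issue and not Crowd's code): concatenating a missing RootDSE attribute yields `CN=Deleted Objects,null`, while a guarded lookup refuses to build a DN from a missing value. The class and method names, the sample DNs, and the fallback of choosing the `namingContexts` entry that contains the configured base DN are assumptions made for illustration.

```java
import java.util.Collections;
import javax.naming.NamingException;
import javax.naming.directory.*;
import javax.naming.ldap.LdapName;

public class DeletedObjectsDn {
    // Unguarded form: a missing RootDSE attribute is concatenated as "null".
    static String unguarded(Attributes rootDse) throws NamingException {
        Attribute a = rootDse.get("rootDomainNamingContext");
        return "CN=Deleted Objects," + (a == null ? null : a.get());
    }

    // Guarded form. Assumption: when rootDomainNamingContext is absent, the
    // container sits under the naming context that holds the configured base DN.
    static String guarded(Attributes rootDse, String baseDn) throws NamingException {
        Attribute root = rootDse.get("rootDomainNamingContext");
        if (root != null && root.size() > 0) {
            return "CN=Deleted Objects," + root.get();
        }
        LdapName base = new LdapName(baseDn); // throws InvalidNameException on a bad DN
        LdapName best = null;
        Attribute contexts = rootDse.get("namingContexts");
        if (contexts != null) {
            for (Object value : Collections.list(contexts.getAll())) {
                LdapName nc = new LdapName(value.toString());
                // LdapName indexes RDNs right to left, so startsWith() tests the DN suffix.
                if (base.startsWith(nc) && (best == null || nc.size() > best.size())) {
                    best = nc; // keep the most specific matching partition
                }
            }
        }
        if (best == null) {
            throw new NamingException("No naming context on the RootDSE contains " + baseDn);
        }
        return "CN=Deleted Objects," + best;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed RootDSE of an ADAM-like server: no rootDomainNamingContext.
        Attributes adam = new BasicAttributes(true);
        Attribute nc = new BasicAttribute("namingContexts");
        nc.add("CN=Configuration,CN={CONSTRUCTED-GUID}");
        nc.add("O=Example,C=US");
        adam.put(nc);
        System.out.println(unguarded(adam));
        System.out.println(guarded(adam, "OU=People,O=Example,C=US"));
    }
}
```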

              People

              Assignee:
              Unassigned
              Reporter:
              bbain Brenden Bain
              Votes:
              6
              Watchers:
              8