Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: None
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

The Crowd Active Directory Connector does not work with Active Directory Application Mode (ADAM) (basically just a LDAP server). When you try and do a partial synchronization you get exceptions like:

nested exception is javax.naming.InvalidNameException: CN=Deleted Objects,null: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BF, problem 2006 (BAD_NAME), data 8350, best match of:
'CN=Deleted Objects,null'
]; remaining name 'CN=Deleted Objects,null'

This is because the AD directory connector looks for an attribute of type rootDomainNamingContext on the RootDSE of the AD server. Unfortunately, this attribute does not exist on ADAM. In fact, ADAM servers will probably not have all the AD default schemas and as such the definition over what is a user and what is a group is much less restricted. It is really up to the ADAM admin. In this way ADAM is more like a generic LDAP server.

I guess the only complication would be how to handle the passwords.

Attachments

Issue Links

is cloned from

CWD-2140 Tracking Feedback for ADAM integration

Closed

is duplicated by

CWD-5572 Support AD LDS using the AD Connector in future versions of Crowd

Gathering Interest

Activity

People

Assignee:: Unassigned

Reporter:: bain

Votes:: 8 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 13/Jul/2011 8:01 AM

Updated:: 23/Apr/2020 11:03 AM