Centric CRM 4.1 soporta autentificacion con Oracle Internet Directory helpme !!!

Centric CRM 4,1 supports authentication with Oracle Internet Directory

We here at Centric have never used Oracle Directory. Anyone in the community?

Tom

I had authentication working with an OpenLDAP server working.
I think Oracle Directory can be treated the same...

Could someone please direct me in the correct settings for the LDAP setup to work with OpenLDAP?

Thanks,
Tom

Claudio Tranchina wrote:
I had authentication working with an OpenLDAP server working.

---

Hi Claudio,
I'm trying to get Centric CRM and OpenLDAP to work. Centric is all setup and running and so ist the OpenLDAP-server. But I can't figure out what objectclasses and attributes a user has to implement and in which other files on the OpenLDAP-Server I have to make changes.

Can you give me some advice?

Thanks,
Mark.

hi mark,

for getting the authentication working you've to setup the parameters in the file build.properties in your filelibrary
Setting the correct parameters in your centric admin page will be the same.

These parameters are strictly dependant on your environment, so I'll give you the ones I've used for reference only(I'm using the "search for attribute" method):

ObjectClass: inetOrgPerson
Attribute: uid

you can check these parameters with a simple LDAP browser like phpldapadmin.
if you're setting up the authentication with the email address as username, you need to change the Attribute to "mail" and the respective parameter in the configuration file (LDAP.CENTRIC_CRM.FIELD)

Remember also that the username MUST exist also in the Centric's database and beware of the WebDAV login credentials: these aren't retrieved from LDAP but from the Centric's user db and since there's no syncronization between them, you will easily end up in users with a password (retrieved from LDAP) for logging in into Centric and another one (retrieved from Centric's db) for WebDAV.

remember also to setup the user's container and the credentials for binding to the LDAP tree

Let me know if helped

Hi Claudio,

thanks for your fast reply!
Well, it won't work. So I just post my LDAP-Entry and the LDAP-part of the build.prperties:

LDAP-Etnry:
dn: cn=Mark Kremer, ou=pse, dc=hda, dc=de
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Mark Kremer
sn: Kremer
telephoneNumber: 012-3456789
givenName: Mark
o:hda
userPassword: test

LDAP (build.properties)

1. LDAP integration

LDAP.ENABLED=true

1. Validate username OR email against LDAP: username|email

LDAP.CENTRIC_CRM.FIELD=username
LDAP.FACTORY=com.sun.jndi.ldap.LdapCtxFactory
LDAP.SERVER=ldap://10.0.1.132:389

1. Search by attribute, otherwise composite DN: true|false

LDAP.SEARCH.BY_ATTRIBUTE=true
LDAP.SEARCH.USERNAME=cn=Admin,dc=hda,dc=de
LDAP.SEARCH.PASSWORD=test
LDAP.SEARCH.CONTAINER=ou=pse,dc=hda,dc=de
LDAP.SEARCH.ORGPERSON=inetorgPerson
LDAP.SEARCH.SUBTREE=true
LDAP.SEARCH.ATTRIBUTE=cn

1. LDAP.SEARCH.BY_ATTRIBUTE=false
2. LDAP.SEARCH.PREFIX=cn=
3. LDAP.SEARCH.POSTFIX=,o=COMPANY

I created a Centric CRM user called 'Mark Kremer' and his password is the same as in the LDAP-Server.

Which role plays the password stored in the Centric CRM database?

Thanks for your help,
Mark.

As I told you before, the password stored in the Centric's database will only be checked for WebDAV access.

For the authentication problem, will be usefull if you'll take a look in the log (catalina.out) and post the error message you're getting when you try to log in the system...

Hi,

here the log:

• Requested action: Login
• Mon Nov 19 20:43:15 CET 2007

> Auto populating a bean: org.aspcfs.modules.login.beans.LoginBean
Login-> Retrieved SystemStatus from memory : true
LDAPUtils-> Search in LDAP failed: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
LDAPUtils-> LDAP authentication failed: java.lang.NullPointerException
LDAPUtils-> Authentication to LDAP - result: false
Login-> Fatal: User does not have an Id!
ControllerServlet-> Action Took: 16 ms
> Looking up resource: LoginRetry
Resource-> LoginRetry
ControllerServlet-> Resource: /Login.do?command=Default

• Requested action: Login
• Mon Nov 19 20:43:15 CET 2007

> Auto populating a bean: org.aspcfs.modules.login.beans.LoginBean
ControllerServlet-> Action Took: 16 ms
> Looking up resource: IndexPageOK
Resource-> IndexPageOK
ControllerServlet-> Resource: /indexPage.jsp
ReportRunnerJob-> Checking for new reports...

It's saying the LDAP-Credentials are invalid. But the two lines...
LDAP.SEARCH.USERNAME=cn=Admin,dc=hda,dc=de
LDAP.SEARCH.PASSWORD=test
...are definitely correct. That's how I login as an admin with my LDAP-Tool.

Thanks,
Mark.

PS: Here is the admin information that's in my slapd.conf:
database bdb
suffix "dc=hda,dc=de"
rootdn "cn=Admin, dc=dha, dc=de"
rootpw admin
directory /var/lib/ldap
index objectClass eq