我想獲得一個PingFederate測試實例的工作。我遇到LDAP身份驗證問題。我有一臺託管我的AD和PF-IDP的服務器,以及一臺託管我的SP的獨立服務器。我爲我的測試目的設置了htmlformadapter。所以,當我打我的SP發起的SSO網址,如: https://SPSERVER:9031/sp/startSSO.ping?PartnerIdpId=sppartnerPingFederate IDP配置與LDAP
我重定向到 https://IDPSERVER:9031/idp/SSO.saml2
,我能看到的HTML表單。當我輸入有效憑證如 用戶:ADuser pwd:ADpwd
我得到we didn't recognise the username or password ....錯誤。在服務器日誌中,我看到 11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=guest 11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
如果我輸入用戶名Domain\User,它就會在日誌中出現亂碼像下面 11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=domain\5cuser 11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
我在做什麼錯?我檢查了我的數據存儲配置和測試那裏工作正常。
謝謝
下面是我的驗證配置額外配置: '搜索基礎\t CN =用戶,CN =內建,DC = MYDOMAIN,DC = com' '篩選搜索\t sAMAccountName賦= $ {用戶名}' –