https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224311#M177441 <HTML><HEAD></HEAD><BODY><SPAN>Hi, </SPAN><BR /><SPAN>I want acitivi it to work with Windows Server 2012R2 Active Directory for authentication.</SPAN><BR /><SPAN>I have configured the activiti-custom-context ldap settings as following:</SPAN><BR /><BR /><SPAN>&lt;!– Server connection params –&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="server" value="ldap://NIA-DC01" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="port" value="389" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="user" value="uid=DevUser,OU=Salli,OU=Users,DC=NIA,DC=DOM" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="password" value="MyPass" /&gt;</SPAN><BR /><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;!– Query params –&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="baseDn" value="DC=NIA,DC=DOM" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="queryUserByUserId" value="(&amp;amp;(objectClass=inetOrgPerson)(uid={0}))" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="queryUserByFullNameLike" value="(&amp;amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="queryGroupsForUser" value="(&amp;amp;(objectClass=groupOfUniqueNames)(uniqueMember={0}))" /&gt;</SPAN><BR /><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;!– Attribute config –&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userIdAttribute" value="uid" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userFirstNameAttribute" value="cn" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userLastNameAttribute" value="sn" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userEmailAttribute" value="mail" /&gt;</SPAN><BR /><BR /><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="groupIdAttribute" value="cn" /&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="groupNameAttribute" value="cn" /&gt;</SPAN><BR /><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/bean&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/list&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp; &lt;/property&gt;&nbsp;&nbsp;&nbsp;&nbsp; </SPAN><BR /><BR /><SPAN>I am getting the following exception:</SPAN><BR /><SPAN>LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0 </SPAN><BR /><BR /><SPAN>DevUser exist on active directory: </SPAN><A href="http://i.imgur.com/pqM2pRu.png" rel="nofollow noopener noreferrer">http://i.imgur.com/pqM2pRu.png</A><BR /><BR /><SPAN>What am i missing ? I have also edited activiti-ui-context as following:</SPAN><BR /><SPAN>&nbsp; &lt;property name="adminGroups"&gt;</SPAN><BR /><SPAN>&nbsp; &lt;list&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp; &lt;value&gt;admin&lt;/value&gt;</SPAN><BR /><SPAN>&nbsp; &lt;/list&gt;</SPAN><BR /><SPAN>&nbsp; &lt;/property&gt;</SPAN><BR /><SPAN>&nbsp; &lt;property name="userGroups"&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp; &lt;list&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;user&lt;/value&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp; &lt;/list&gt;</SPAN><BR /><SPAN>&lt;/property&gt;</SPAN><BR /></BODY></HTML> Mon, 21 Dec 2015 15:52:04 GMT ilansch 2015-12-21T15:52:04Z https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224311#M177441 Hi, I want acitivi it to work with Windows Server 2012R2 Active Directory for authentication.I have configured the activiti-custom-context ldap settings as following:&lt;!– Server connection params –&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="server" value="ldap://NIA-DC01" /&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name Mon, 21 Dec 2015 15:52:04 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224311#M177441 ilansch 2015-12-21T15:52:04Z https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224312#M177442 <HTML><HEAD></HEAD><BODY><SPAN>The configuration information is at:</SPAN><BR /><A href="http://pastebin.com/fcR7fudL" rel="nofollow noopener noreferrer">http://pastebin.com/fcR7fudL</A><BR /><BR /><BR /><SPAN>SO question (clear) : </SPAN><A href="http://stackoverflow.com/questions/34399380/application-hosted-in-tomcat7-fail-to-use-ldap-with-windows-active-directory" rel="nofollow noopener noreferrer">http://stackoverflow.com/questions/34399380/application-hosted-in-tomcat7-fail-to-use-ldap-with-windows-active-directory</A><BR /><BR /><SPAN>and complete error log: </SPAN><A href="http://pastebin.com/Mj2u5pAg" rel="nofollow noopener noreferrer">http://pastebin.com/Mj2u5pAg</A></BODY></HTML> Mon, 21 Dec 2015 15:55:56 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224312#M177442 ilansch 2015-12-21T15:55:56Z https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224313#M177443 <HTML><HEAD></HEAD><BODY><SPAN>When I google "LdapErr: DSID-0C0903C5" it seems to point to 'invalid credentials' …</SPAN></BODY></HTML> Tue, 22 Dec 2015 11:41:31 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-integration-with-activiti-on-tomcat7/m-p/224313#M177443 jbarrez 2015-12-22T11:41:31Z