cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active Directory and Apache

BryanK
13-Aquamarine
13-Aquamarine
‎Jan 16, 2008 01:41 AM
‎Jan 16, 2008 01:41 AM

Active Directory and Apache

Hi All,

I have been working with PTC on this issue and even thou they have been quite helpful I still cant get this thing to work. I have implemented the ad connector before on other systems but for some reason this one just wont work. Here is the problem. I run through steps outlined in "Title How to Configure Windchill with Active Directory " located on PTC web. It seems to work fine don't have any problems until I need to log on.

I have configured the password file and checked that it works it does. I also found that if the authentication ldap url is incorrect (not set up correctly) then I can authenticate using the normal method. Once I am in I can retrieve the users located on the AD (this to me means that the Windchill part is working correctly.) So using by means of deduction I have come to the conclusion that the problem lies within apache. ANY help would be GREATLY appreciated.


Regards,

Bryan








Bryan Kirchner
Senior Applications Engineer




2nd Floor, Clubview Forum
58 Columbia Street
Clubview, Centurion 0014
P O Box 13024, Clubview, 0014

tel
fax
e-mail
web

+27 12 673 9311
+27 12 654 2838
bkirchner@prodone.com
www.prodone.com





No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.2/1224 - Release Date: 2008/01/14 05:39 PM


Labels:
0 Kudos
Notify Moderator
2 REPLIES 2
imendiola
11-Garnet
11-Garnet
(To:BryanK)
‎Jan 16, 2008 09:35 AM
‎Jan 16, 2008 09:35 AM

We had some problems too with the authentication of apache with an Active Directory. One of the things that was a little bit confussing was about the port to connect to the Active Directory. The dafault port is 389 but depending which version of Active Directory are you trying to authenticate, this port may not work with Apache, so we got it working specifying port 3268 (Global Directory Catalog).

So, the app-Windchill.properties file that we were using to do it, was someting like this:

#Ant properties
#Fri Jul 13 13:35:24 CEST 2007
apacheWebApp.authRealm=Windchill
apacheWebApp.ldapUrl=ldap\://AD_SERVER\:3268/DC\=ORG_NAME,DC\=ORG_SUFIX?sAMAccountName?sub
apacheWebApp.jk2Worker=ajp13\:wtJk2Worker
apacheWebApp.jkWorker=ajp13
apacheWebApp.docBase=WT_HOME/codebase
apacheWebApp.bindDn=AD_USER
apacheWebApp.passwordFile.name=app-Windchill-Passwd
apacheWebApp.anonBind=false
apacheWebApp.bindPwd=AD_PASSWORD
apacheWebApp.pack200Handler=none


where AD_USER and AD_PASSWORD are user and password to connect to the Active Directory Server because it doesn't accept anonymous access.

Once you modify this file, to propagate the changes to Apache's conf files, the command to run is:

ant -buildfile webAppConfig.xml regenWebAppConf or ant -buildfile webAppConfig.xml regenAllWebApps

(I don't remember exactly if the first one does it, or if you need to call to the second one)

Hope this will bew useful.



http://www.prambanan-it.comIker Mendiola - Prambanan IT Services
0 Kudos
Notify Moderator
BryanK
13-Aquamarine
13-Aquamarine
(To:BryanK)
‎Jan 17, 2008 01:49 AM
‎Jan 17, 2008 01:49 AM

Hi,

Thanks to everyone that has responded so far.
0 Kudos
Notify Moderator
Announcements