我想获得一个PingFederate测试实例的工作。我遇到LDAP身份验证问题。我有一台托管我的AD和PF-IDP的服务器,以及一台托管我的SP的独立服务器。我为我的测试目的设置了htmlformadapter。所以,当我打我的SP发起的SSO网址,如: https://SPSERVER:9031/sp/startSSO.ping?PartnerIdpId=sppartnerPingFederate IDP配置与LDAP
我重定向到 https://IDPSERVER:9031/idp/SSO.saml2
,我能看到的HTML表单。当我输入有效凭证如 用户:ADuser pwd:ADpwd
我得到we didn't recognise the username or password ....错误。在服务器日志中,我看到 11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=guest 11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
如果我输入用户名Domain\User,它就会在日志中出现乱码像下面 11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=domain\5cuser 11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
我在做什么错?我检查了我的数据存储配置和测试那里工作正常。
谢谢
下面是我的验证配置额外配置: '搜索基础\t CN =用户,CN =内建,DC = MYDOMAIN,DC = com' '筛选搜索\t sAMAccountName赋= $ {用户名}' –