- Code: Select all
1982088 [btpool0-16] INFO org.acegisecurity.ldap.DefaultInitialDirContextFactory - URL 'ldaps://SERVER.DOMAIN.local:636/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=DOMAIN,DC=local', root DN is 'OU=SBSUsers,OU=Users,OU=MyBusiness,DC=DOMAIN,DC=local'
1982088 [btpool0-16] INFO org.acegisecurity.ldap.search.FilterBasedLdapUserSearch - SearchBase not set. Searches will be performed from the root: OU=SBSUsers,OU=Users,OU=MyBusiness,DC=DOMAIN,DC=local
The configuration within the advanced tab of the Subsonic page is as follows:
"Enable LDAP authentication" is checked.
LDAP URL:
- Code: Select all
ldaps://SERVER.DOMAIN.local:636/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=DOMAIN,DC=local
LDAP Search Filter:
- Code: Select all
(&(sAMAccountName={0})(&(objectCategory=user)(memberof=CN=SubSonic Users,OU=Security Groups,OU=MyBusiness,DC=DOMAIN,DC=local)))
LDAP manager DN:
- Code: Select all
DOMAIN\serviceSubSonic
"Automatically create users in Subsonic" is checked.
Where DOMAIN is the domain and SERVER is the AD server (a Windows Small Business 2011 Server). I've confirmed that both LDAP and LDAPS are functional and accessible from the machine running Subsonic via Microsoft's ADExplorer.exe program. "SubSonic Users" is a valid security group on the server (though the same issue arises when the LDAP Search Filter is set to "(sAMAccountName={0})". I've tried with an without the LDAP manager DN field (and associated password) set to a service account, and to my own admin account (but the service account is able to access AD via LDAP and LDAPS via ADExplorer.exe from the machine running Subsonic). I've also tried manually creating a user that exists in AD with the username in formats "username" and "DOMAIN\username" then checking it's "Authenticate user in LDAP" field (works without that checked to a manually configured password, but with it checked it does not work). I've also tried restarting the Subsonic service with each configuration change.
Any help would be appreciated, thank you.