
ldap integration with activiti on tomcat7

Question asked by ilansch on Dec 21, 2015
Latest reply on Dec 22, 2015 by jbarrez
I want Activiti to work with Windows Server 2012 R2 Active Directory for authentication.
I have configured the activiti-custom-context LDAP settings as follows:

            <!-- Server connection params -->
            <property name="server" value="ldap://NIA-DC01" />
            <property name="port" value="389" />
            <property name="user" value="uid=DevUser,OU=Salli,OU=Users,DC=NIA,DC=DOM" />
            <property name="password" value="MyPass" />

            <!-- Query params -->
            <property name="baseDn" value="DC=NIA,DC=DOM" />
            <property name="queryUserByUserId" value="(&amp;(objectClass=inetOrgPerson)(uid={0}))" />
            <property name="queryUserByFullNameLike" value="(&amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" />
            <property name="queryGroupsForUser" value="(&amp;(objectClass=groupOfUniqueNames)(uniqueMember={0}))" />

            <!-- Attribute config -->
            <property name="userIdAttribute" value="uid" />
            <property name="userFirstNameAttribute" value="cn" />
            <property name="userLastNameAttribute" value="sn" />
            <property name="userEmailAttribute" value="mail" />

            <property name="groupIdAttribute" value="cn" />
            <property name="groupNameAttribute" value="cn" />


I am getting the following exception:
LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0

DevUser exists in Active Directory:

What am I missing? I have also edited activiti-ui-context as follows:
  <property name="adminGroups">
  <property name="userGroups">