[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#6675) ConnectException UnknownHostException using subdomain URL when searching
- To: openldap-its@OpenLDAP.org
- Subject: (ITS#6675) ConnectException UnknownHostException using subdomain URL when searching
- From: adolfo@ingenia.es
- Date: Thu, 14 Oct 2010 10:54:36 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Full_Name: Adolfo Cortés
Version: openldap-2.3.43-12.el5
OS: CentOS release 5.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (62.15.226.90)
I try to connect to an Active directory from a java application using JNDI
/OpenLDAP openldap-2.3.43-12.el5 in CentOS release 5.2
When i did a search i get a CommunicationException
Error : javax.naming.CommunicationException: xxxxxxxx.es:636 [Root exception is
java.net.UnknownHostException: xxxxxxxx.es]]
xxxxxxxx.es:636 is reachable and another operations over LDAP as create user
goes fine.
I see that the problem is related to the DNS configuration:
the Active Directory server DNS is aaaaa.bbbbb.xxxxxxxx.es but the base search
is only xxxxxxxx.es
when I do the search i get the exception because it takes xxxxxxxx.es instead of
ssss.xxxxxxxx.es to perform the operation.
I tried to solve it adding xxxxxxxx.es to hosts and writing the same IP of
aaaaa.bbbbb.xxxxxxxx.es , so the bypass works and the connection goes but now i
have a new problem, when i execute the search it connects but retrieves a
Referral Limit Exception, i´m thinking because there are jumps or confussion
between aaaaa.bbbbb.xxxxxxxx.es and xxxxxxxx.es because of the hosts bypass i
did.
So my workaround doesn´t works and i need to know or solve the connection
problem for use subdomain DNS and domain in search base.
Connection Parameters: everytihg goes right, is interesting the url, using not
secure ldap protocol I also get the same error.
[url: ldaps://aaaaa.bbbbb.xxxxxxxx.es]
java.naming.security.authentication:simple
Usuario mypassword@bbbbb.xxxxxxxx.es]
Password[getLDAPropertiesSSL]:mypassword]
keystore[getLDAPropertiesSSL]:/opt/java/jre/lib/security/jssecacerts
trustStore[getLDAPropertiesSSL]:/opt/java/jre/lib/security/jssecacerts
Especificacion uso SSL[getLDAPPropertiesSSL]java.naming.security.protocol ssl
Search details: see that base DC is xxxxxxxx.es
[base: OU=YYY,DC=xxxxxxxx,DC=es]
[searchFilter: (&(objectClass=group)(cn={0}))]
[filterArgs: new String[] {Usuarios}]
[searchControls: SUBTREE_SCOPE, Atributes null, returningobjflag true]
This Hosts file doesn´t produce the Communication ERROR
aaaaa.bbbbb.xxxxxxxx.es ccc.ccc.ccc.ccc
xxxxxxxx.es ccc.ccc.ccc.ccc
With this hosts file i get the Communication ERROR
aaaaa.bbbbb.xxxxxxxx.es ccc.ccc.ccc.ccc
If i try this search directly in the AD server console, it works giving me the
results.
Thanks in advance,
Adolfo