我已经配置了读/写AD为WSO2IS 5.3.0中的辅助存储。我可以在列表用户中看到广告用户,但无法通过管理控制台创建广告用户。更新了我的广告相关属性:
<Property name="ConnectionURL">ldap://10.100.1.102:389</Property>
<Property name="ConnectionName">cn=admin,dc=wso2,dc=org</Property>
<Property encrypted="true" name="ConnectionPassword">kuv2MubUUveMyv6GeHrXr9il59ajJIqUI4eoYHcgGKf/BBFOWn96NTjJQI+wYbWjKW6r79S7L7ZzgYeWx7DlGbff5X3pBN2Gh9yV0BHP1E93QtFqR7uTWi141Tr7V7ZwScwNqJbiNoV+vyLbsqKJE7T3nP8Ih9Y6omygbcLcHzg=</Property>
<Property name="UserSearchBase">OU=Users,dc=wso2,dc=org</Property>
<Property name="UserNameAttribute">cn</Property>
<Property name="UserDNPattern">cn={0},OU=Users,dc=wso2,dc=org</Property>
<Property name="GroupSearchBase">OU=Groups,dc=wso2,dc=com</Property>
我从WSO2创建广告用户时会出现以下错误:
Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090CD7, comment: Error in attribute conversion operation, data 0, v2580 ]; remaining name 'cn=testuser'.
[2017-12-14 16:29:10,142] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient} - Error while enabling the user account. Please check password policy at DC for user : testuser
org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException: UserAdminUserAdminException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at java.lang.Class.newInstance(Class.java:442)
请检查您的广告侧密码策略,并检查测试用户提供的密码是否遵守。
[1] https://technet.microsoft.com/en-us/library/cc731699(v = ws.11).aspx