4 Replies Latest reply: Jul 15, 2008 12:26 PM by 597463 RSS

    Active Directory and APEX 3.1

    597463
      I am unable to authenticate to Active Directory through the built in active directory authentication scheme in APEX 3.1.

      Is there anyway to get some debug messages from the database, or AD server. The only message I get is Authentication Denied which is not extremely helpful.
        • 1. Re: Active Directory and APEX 3.1
          60437
          There is no built-in Active Directory authentication scheme. There is a built-in LDAP scheme which, if you provide the right DN, will work in most environments where you have AD. Search this forum for Active Directory.

          Scott
          • 2. Re: Active Directory and APEX 3.1
            597463
            That correct I am using the LDAP scheme, and providing it with the appropriate DN string. The only problem is that it allways says authentication failed, without giving any error messages. So I tried with some success to test the LDAP packages provided by oracle.

            I am able to authenticate using dbms_ldap, but that only works when I provide NULL for a password.

            DECLARE
            vSession DBMS_LDAP.session;
            vResult PLS_INTEGER;
            BEGIN
            DBMS_LDAP.use_exception := TRUE;
            vSession := DBMS_LDAP.init
            ( hostname => 'CREDPWY01SDCG01'
            , portnum => 389
            );
            vResult := DBMS_LDAP.simple_bind_s
            ( ld => vSession
            , dn => 'CN=<username>,dc=credit,dc=com'
            , passwd => NULL
            );
            DBMS_Output.put_line('User authenticated!');
            vResult := DBMS_LDAP.unbind_s(vSession);
            END;

            I am not able to authenticate at all when using apex_ldap regardless if I pass NULL for the password, or use the real password.

            BEGIN
            IF APEX_LDAP.authenticate
            ( p_username => '<username>'
            , p_password => NULL
            , p_search_base => 'dc=credit,dc=com'
            , p_host => 'CREDPWY01SDCG01'
            , p_port => 389
            )
            THEN
            DBMS_Output.put_line('ok');
            ELSE
            DBMS_Output.put_line('not ok');
            END IF;
            END;
            • 3. Re: Active Directory and APEX 3.1
              60437
              I searched the forum and found this. Maybe it will help: Re: MS Active Directory authentication .

              Scott
              • 4. Re: Active Directory and APEX 3.1
                597463
                That did the trick. Instead of using a standard DN string 'cn=%LDAP_USER%, dn=mydomain, dn=com' you just use the following string mydomain\%LDAP_USER%