Friday, June 06, 2008

Odd LDAP Calls from Contribute Publishing Services

We've recently updated our LDAP and noticed a slowdown on authenticating through Contribute Publishing services. Upon looking into the issue, we determined that Contribute Publishing Server was sending what to us appears to be a malformed LDAP filter. Before I call Adobe support, I thought I'd check to see if anybody else has encountered this issues. Our setup looks something like this. (I've changed the actual data for security reasons.)

sample config 1

Our user search tab has CN, Mail and UID Defined along with a basic filter. (!(status=I)) Our Group tab is blank as our LDAP does not contain groups. With this setup, when attempting to authenticate user lm1000, CPS send the following filter to the LDAP.

(&(!(status=I))(|(uid=lm1000)(=lm1000)))

When I run this filter in an LDAP browser I see the same slow behavior, however when I remove (=lm1000) the LDAP responds immediately. Has anyone seen this behavior before? Am I not configuring something properly, because to the best of my knoledge, an LDAP filter must contain an attribute name to look for a value in.

Update: It turns out that adding the UID field in the group tab resolves this issue.

Labels: , , ,

posted by Luis

0 Comments:

Post a Comment

<< Home

Template design by MLP Design
Licensed under CC-NC 3.0