Directory Services LDAP fails with FMS debug log message :
2011-07-13 06:52:19.157 DEBUG [http-0.0.0.0-8080-1] com.quest.nitro.service.security.auth.spi.NitroExtendedLdapLoginModule -
Failed to validate password javax.naming.PartialResultException:
Unprocessed Continuation Reference(s); remaining name
The issue appears to be because the FMS LDAP does not follow referrals. When searching for the user's roles, debug mode shows that the LDAP server returns a referral instead of the requested object. The FMS then ignores this we do not process referrals.
To work around this, you have to do the following
- Add this vm.option to Foglight.config. Be sure to use the next "option<n>" number
foglight.vm.option0 = "-Djava.naming.referral=follow";
- In the Directory Services dashboard
Change "Mode of Group Searching" to indirect
Re-type the password
- Restart the FMS
