This conversation has been locked due to inactivity. Please create a new post.
We just built our first AEM 6.4 server and have configured the LDAP authentication. When logging in with an LDAP user (not a locally created user) we get an Error 500 page and the /aem/start.html page doesn't load. Even if you manually enter the URL, it doesn't load, just gives the Error 500. However, if we log in with an internally created test user, we go right to the /aem/start.html page.
The LDAP configuration appears to be correct because the user can log in - I have tested using the wrong password and get the error message for that. Also, when I go to Security - Permissions, I see that the user has been created, and that the LDAP group that they belong to has been created. I assumed that it was a permissions issue and gave their Group the correct permissions - in this case Administrator group membership - then closed the browser and logged in again. No joy. However, if I log in with Admin and then Impersonate the user, I get to everything (Sites, Assets, Tools, all of it).
We are currently running three tiers of AEM 6.3 with LDAP - the exact same LDAP settings that we configured on this new 6.4 server. That has been working for years without a problem. So we are very familiar with how to configure the settings. And so far the logs have failed to give us any insight.
Is there something about the LDAP configuration that has changed since 6.3? Anyone else have a similar problem?
Thanks!
Diana W.
Can you set up a DEBUG level logger on the following classes:
org.apache.jackrabbit.oak.security.authentication.ldap
org.apache.jackrabbit.oak.spi.security.authentication.external
Try logging in again and check if you can find anything related to user/group issues.
No, nothing relating to problems with the user or the group. Below is an image of the logged error - which is also what I see on the screen.
Solved the problem. There were a number of other entries under the Oak Default Sync Handler and the Oak External Login module for Communities. I deleted all of these entries and then the login to our LDAP worked fine. I am assuming those other entries were part of the demo stuff that comes with the usual install.
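An inventory check for the situation in the solution above, as an added example that is not part of the original thread or Adobe's code: it sorts External Login Module and Default Sync Handler entries by whether they are wired to an LDAP Identity Provider, so leftover entries stand out before anything is deleted. The factory PIDs and property keys are the Oak ones; the configuration list and every name in it are constructed, and how the configurations are exported from an instance is left as an assumption.

```python
# Factory PIDs of the three Oak services involved in an LDAP login.
IDP = "org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider"
SYNC = "org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncHandler"
ELM = "org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModuleFactory"

# Constructed sample: one (factory PID, properties) pair per configuration
# entry, as they would appear in the OSGi configuration console.
# All names below are invented for illustration.
SAMPLE = [
    (IDP, {"provider.name": "corp-ldap"}),
    (SYNC, {"handler.name": "corp-sync"}),
    (ELM, {"idp.name": "corp-ldap", "sync.handlerName": "corp-sync"}),
    (SYNC, {"handler.name": "demo-sync"}),
    (ELM, {"idp.name": "demo-idp", "sync.handlerName": "demo-sync"}),
    (SYNC, {"handler.name": "orphan-sync"}),
]


def audit(configs):
    """Separate entries that form a complete LDAP login chain
    (login module -> LDAP identity provider + sync handler)
    from entries that do not and should be reviewed."""
    ldap_idps = {p["provider.name"] for pid, p in configs if pid == IDP}
    handlers = {p["handler.name"] for pid, p in configs if pid == SYNC}
    report = {"ldap_chain": [], "review": []}
    used_handlers = set()
    for pid, props in configs:
        if pid != ELM:
            continue
        idp, handler = props.get("idp.name"), props.get("sync.handlerName")
        entry = ("login-module", idp, handler)
        if idp in ldap_idps and handler in handlers:
            report["ldap_chain"].append(entry)
            used_handlers.add(handler)
        else:
            # Points at a non-LDAP or missing provider, or a missing handler.
            report["review"].append(entry)
    # Sync handlers that no LDAP-backed login module refers to.
    for name in sorted(handlers - used_handlers):
        report["review"].append(("sync-handler", name, None))
    return report


if __name__ == "__main__":
    for section, entries in audit(SAMPLE).items():
        print(section, entries)
```

Entries under `review` are only candidates: confirm that nothing else on the instance depends on them before removing any.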