You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Andy Brook <ja...@gmail.com> on 2022/11/15 11:10:49 UTC
Problems connecting to ldap.google.com via Directory
Hi,
Connecting to google workspaces via ldap has been on my todo list for a
while. Have just tried with 2.0M17 but without success. I have imported
google ldap cert into cacerts:
Owner: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
O=Google Inc.
Issuer: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
O=Google Inc.
Serial number: 1847ac30780
Valid from: Tue Nov 15 10:08:32 GMT 2022 until: Fri Nov 14 10:08:32 GMT 2025
If validated the service from the google docs (
https://support.google.com/a/answer/9190869), the openssl command returns
as expected with "Verify return code: 0 (ok)"
I have created google ldap client (with all access permissions) and access
creds : https://support.google.com/a/answer/9048541#generate-access-codes
and put this in the Directory "Authentication" params for Simple Auth,
"Check Authentication" generates "ERR_04169_RESPONSE_QUEUE_EMPTIED" that
https://issues.apache.org/jira/browse/DIRSERVER-2337 indicates is a symptom
rather than cause, the fuller stack just indicates timeout.
I can't seem to authenticate, so can't get to even Fetch Base DN's etc.
Anyone trod this path before?! Any pointers? My end goal is establish a
connection from Java, Directory Studio connectivity is the litmus test!
Thanks for any replies!
Andy
Re: Problems connecting to ldap.google.com via Directory
Posted by Emmanuel Lécharny <el...@gmail.com>.
Hi,
can you provide the code you are using ?
On 2022/11/15 12:10, Andy Brook wrote:
> Hi,
> Connecting to google workspaces via ldap has been on my todo list for a
> while. Have just tried with 2.0M17 but without success. I have imported
> google ldap cert into cacerts:
>
> Owner: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
> O=Google Inc.
> Issuer: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
> O=Google Inc.
> Serial number: 1847ac30780
> Valid from: Tue Nov 15 10:08:32 GMT 2022 until: Fri Nov 14 10:08:32 GMT 2025
>
> If validated the service from the google docs (
> https://support.google.com/a/answer/9190869), the openssl command returns
> as expected with "Verify return code: 0 (ok)"
>
> I have created google ldap client (with all access permissions) and access
> creds : https://support.google.com/a/answer/9048541#generate-access-codes
> and put this in the Directory "Authentication" params for Simple Auth,
> "Check Authentication" generates "ERR_04169_RESPONSE_QUEUE_EMPTIED" that
> https://issues.apache.org/jira/browse/DIRSERVER-2337 indicates is a symptom
> rather than cause, the fuller stack just indicates timeout.
>
> I can't seem to authenticate, so can't get to even Fetch Base DN's etc.
>
> Anyone trod this path before?! Any pointers? My end goal is establish a
> connection from Java, Directory Studio connectivity is the litmus test!
>
> Thanks for any replies!
> Andy
>
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecharny@busit.com https://www.busit.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: Problems connecting to ldap.google.com via Directory
Posted by Andy Brook <ja...@gmail.com>.
I have since been able to setup stunnel4 using the cert+key files from the
google ldap client and connected from Directory Studio without
authentication to get to Fetch DN's part/retrieve data, but how to use
Directory Studio alone for this?
On Tue, 15 Nov 2022 at 11:10, Andy Brook <ja...@gmail.com> wrote:
> Hi,
> Connecting to google workspaces via ldap has been on my todo list for a
> while. Have just tried with 2.0M17 but without success. I have imported
> google ldap cert into cacerts:
>
> Owner: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
> O=Google Inc.
> Issuer: ST=California, C=US, OU=GSuite, CN=LDAP Client, L=Mountain View,
> O=Google Inc.
> Serial number: 1847ac30780
> Valid from: Tue Nov 15 10:08:32 GMT 2022 until: Fri Nov 14 10:08:32 GMT
> 2025
>
> If validated the service from the google docs (
> https://support.google.com/a/answer/9190869), the openssl command returns
> as expected with "Verify return code: 0 (ok)"
>
> I have created google ldap client (with all access permissions) and access
> creds : https://support.google.com/a/answer/9048541#generate-access-codes
> and put this in the Directory "Authentication" params for Simple Auth,
> "Check Authentication" generates "ERR_04169_RESPONSE_QUEUE_EMPTIED" that
> https://issues.apache.org/jira/browse/DIRSERVER-2337 indicates is a
> symptom rather than cause, the fuller stack just indicates timeout.
>
> I can't seem to authenticate, so can't get to even Fetch Base DN's etc.
>
> Anyone trod this path before?! Any pointers? My end goal is establish a
> connection from Java, Directory Studio connectivity is the litmus test!
>
> Thanks for any replies!
> Andy
>
>
--
Andy Brook