I am trying to get a test instance of PingFederate working. I am having an issue with LDAP auth. I have a single server hosting my AD and PF-IDP and a separate server hosting my SP. I have set up htmlformadapter for my test purposes. So, when I hit my SP-initiated SSO URL like: https://SPSERVER:9031/sp/startSSO.ping?PartnerIdpId=sppartner
I get redirected to the https://IDPSERVER:9031/idp/SSO.saml2
and I get to see the html form. When I enter valid credentials like user: ADuser pwd: ADpwd
I get we didn't recognise the username or password ....
error. On the server logs, I see
11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=guest
11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
If I enter my user name as Domain\User, it gets garbled in the logs like below:
11:18:20,610 DEBUG [LDAPUsernamePasswordCredentialValidator] search sAMAccountName=domain\5cuser
11:18:20,610 DEBUG [LDAPPasswordCredentialValidatorResult] LDAP error authenticating user in 'MyDC01'. The response was interpreted as 'authn.srvr.msg.user.not.found'.
What am I doing wrong? I have checked my datastore configs and the tests there work fine.
Thanks
OK. I was referring to an empty OU in my password-validator config. Thanks to Federico from PingIdentity.
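The `\5c` in the second log excerpt is the RFC 4515 search-filter escape for a backslash, and a correctly escaped filter still returns nothing when the search base is an OU that does not contain the user. The sketch below is an added example, not from the original post or from PingFederate; the directory entries, DNs and function names are constructed for illustration.

```python
import re

# Constructed sample directory: DN -> attributes (assumed values, not from the post).
DIRECTORY = {
    "CN=ADuser,OU=Staff,DC=example,DC=test": {"sAMAccountName": "ADuser"},
    "CN=guest,CN=Users,DC=example,DC=test": {"sAMAccountName": "guest"},
    "OU=Empty,DC=example,DC=test": {},
}

# Characters that RFC 4515 requires to be hex-escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a user-supplied value before placing it in an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def unescape_filter_value(value):
    """Decode \\XX hex escapes back to the characters the server compares."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)


def build_filter(username, attr="sAMAccountName"):
    """Build the equality filter a username/password validator would search with."""
    return f"{attr}={escape_filter_value(username)}"


def search(base_dn, ldap_filter):
    """Subtree search: DNs at or under base_dn whose attribute equals the value."""
    attr, _, raw = ldap_filter.partition("=")
    wanted = unescape_filter_value(raw).lower()  # AD compares this attribute case-insensitively
    base = base_dn.lower()
    hits = []
    for dn, attrs in DIRECTORY.items():
        in_scope = dn.lower() == base or dn.lower().endswith("," + base)
        if in_scope and attrs.get(attr, "").lower() == wanted:
            hits.append(dn)
    return hits


if __name__ == "__main__":
    print(build_filter("domain\\user"))                                 # escaped, not corrupted
    print(search("DC=example,DC=test", build_filter("domain\\user")))   # no such sAMAccountName
    print(search("OU=Empty,DC=example,DC=test", build_filter("ADuser")))  # wrong search base
    print(search("DC=example,DC=test", build_filter("ADuser")))         # found
```

The escaped form is what keeps filter metacharacters in a login field from changing the query, so it is expected in the debug log; `user.not.found` with a valid account points at the search base or scope rather than at the filter.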