LDAP Connection - Do I need a special user structure?

Hi again :smiley:

I tried to connect my Camunda 7 Run to my existing LDAP, but unfortunately I didn't start a revolution. Now I found a hint about this online test LDAP server and it worked. So I thought maybe I have the wrong structure in my LDAP. So I set up a Windows Server 2012 VM, created a fresh domain and added 3 users “camunda-admin”, “userA”, “userB”. All of them are in the top hierarchy.

I tried to use them with ldapsearch and it worked. But my Camunda still cannot connect.

      <plugin>
        <class>org.camunda.bpm.identity.impl.ldap.plugin.LdapIdentityProviderPlugin</class>
        <properties>

          <property name="serverUrl">ldap://dc1.zarat.local:389/</property>
          <property name="acceptUntrustedCertificates">true</property>
          <property name="managerDn">cn=camunda-admin,dc=zarat,dc=local</property>
          <property name="managerPassword">s3cr3t</property>

          <property name="baseDn">dc=zarat,dc=local</property>

          <property name="userSearchBase"></property>
          <property name="userSearchFilter">(objectclass=person)</property>

          <property name="userIdAttribute">uid</property>
          <property name="userFirstnameAttribute">cn</property>
          <property name="userLastnameAttribute">sn</property>
          <property name="userEmailAttribute">mail</property>
          <property name="userPasswordAttribute">password</property>

          <property name="groupSearchBase"></property>
          <property name="groupSearchFilter">(objectclass=groupOfNames)</property>
          <property name="groupIdAttribute">cn</property>
          <property name="groupNameAttribute">cn</property>

          <property name="groupMemberAttribute">member</property>
          <property name="sortControlSupported">false</property>

        </properties>
      </plugin>

Should they all be in a specific group or something? The error message is

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580 ]

Thank you
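The "data 52e" part of that error message is worth reading before changing anything else: it is the Windows logon error that Active Directory appends to LDAP result 49 (invalidCredentials). 0x52e is ERROR_LOGON_FAILURE, which AD returns for a wrong password and, on a simple bind, also for a bind name it cannot resolve; a disabled, locked or expired account would carry a different sub-code. The decoder below is an added example, not code from this thread or from Camunda; it parses the JNDI-style message quoted above and maps the sub-code to its meaning. The sample messages other than the quoted one are constructed, and their DSID values are placeholders.

```python
import re
from typing import NamedTuple, Optional

# Windows sub-codes that Active Directory appends as "data <hex>" to an
# LDAP result 49 (invalidCredentials) on a failed bind. Each value is the
# Win32 logon error in hex, e.g. 0x52e == 1326 == ERROR_LOGON_FAILURE.
AD_BIND_DATA_CODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (wrong password, or a bind DN/UPN that AD cannot resolve)",
    0x530: "logon not permitted at this time (logon hours restriction)",
    0x531: "logon not permitted at this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password at next logon",
    0x775: "account locked out",
}

# The message from the thread above, kept verbatim so the decoder can be
# checked against it.
THREAD_ERROR = ("[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, "
                "comment: AcceptSecurityContext error, data 52e, v2580 ]")


class LdapBindFailure(NamedTuple):
    result_code: int          # RFC 4511 resultCode (49 = invalidCredentials)
    comment: Optional[str]    # AD's free-text comment, if present
    data_code: Optional[int]  # AD's "data" sub-code, if present
    meaning: str              # human-readable interpretation


_PATTERN = re.compile(
    r"LDAP: error code (?P<rc>\d+)"           # LDAP resultCode
    r"(?:.*?comment: (?P<comment>[^,\]]+))?"  # optional AD comment
    r"(?:.*?data (?P<data>[0-9a-fA-F]+))?",   # optional AD sub-code (hex)
    re.DOTALL,
)


def decode_ldap_error(message: str) -> LdapBindFailure:
    """Parse a JNDI-style '[LDAP: error code N - ...]' string.

    Works for plain LDAP servers (no sub-code) and for Active Directory,
    which adds the 'comment: ..., data NNN' tail.
    """
    m = _PATTERN.search(message)
    if m is None:
        raise ValueError(f"not an LDAP error message: {message!r}")
    rc = int(m.group("rc"))
    comment = m.group("comment").strip() if m.group("comment") else None
    data = int(m.group("data"), 16) if m.group("data") else None
    if rc == 49 and data is not None:
        meaning = AD_BIND_DATA_CODES.get(data, f"unknown AD data code 0x{data:x}")
    elif rc == 49:
        meaning = "invalid credentials (no AD sub-code present)"
    else:
        meaning = f"LDAP result code {rc}"
    return LdapBindFailure(rc, comment, data, meaning)


if __name__ == "__main__":
    # Constructed sample messages besides the one quoted in the thread.
    samples = [
        THREAD_ERROR,
        "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D9, "
        "comment: AcceptSecurityContext error, data 775, v2580 ]",
        "[LDAP: error code 49 - Invalid Credentials]",  # non-AD server
    ]
    for s in samples:
        r = decode_ldap_error(s)
        print(f"rc={r.result_code} data={r.data_code!r}: {r.meaning}")
```

The bind as managerDn happens before Camunda searches for any user or group, so at this stage the userId, filter and group attribute settings play no part. Because 52e does not distinguish an unknown bind name from a wrong password, a simple bind with the same name and password outside Camunda, for example `ldapwhoami -H ldap://dc1.zarat.local:389 -x -D 'camunda-admin@zarat.local' -W`, shows whether the credentials themselves are the problem. If the DN form is used instead of the UPN, it must be the object's actual distinguishedName; in a freshly created domain that is normally under cn=Users or an OU rather than directly beneath the domain root.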

Hi @mbrain,
Could you please change the managerDn property's value to

<property name="managerDn">camunda-admin@zarat.local</property>

Hi @hassang, I did, but nothing has changed :frowning: Do you have any other idea?

Hi @mbrain,

Are you still getting the same error message?

Sorry @hassang, yes it's the same.

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580 ]