[Bug 228229] New: Not possible to add a user in a LDAP Server
https://bugzilla.novell.com/show_bug.cgi?id=228229 Summary: Not possible to add a user in a LDAP Server Product: openSUSE 10.2 Version: Final Platform: PC OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: gjn@gjn.priv.at QAContact: jsrain@novell.com It is not more possible with the YaST2_User_Module to add a user in a ldap Server ? The Problem is a Config Problem When you do NOT configure ldap with a TLS, the YaST2 Module always search for TLS, and tell us, no connection to a ldap Server possible? You have to add a CA, then all works fine ? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |jsuchome@novell.com |screening@forge.provo.novell| |.com | NTS Priority| |900 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |gjn@gjn.priv.at ------- Comment #1 from jsuchome@novell.com 2006-12-14 06:31 MST ------- I can't believe this is true - I have my own configuration with LDAP server without TLS and it is possible to work with the users there using yast2-users. Please attach /etc/ldap.conf -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|gjn@gjn.priv.at | ------- Comment #2 from gjn@gjn.priv.at 2006-12-14 07:59 MST ------- I tell you my scenario ;) First I create LDAP with the new LDAP Server module without TLS support and later I will add user, this is not possible. The last Test I create a CA, with YaST2 Module create LDAP with YaST2 Server Module and now I can create USER with YaST2 User Module? I have only the last ldap.conf with TLS :( -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 ------- Comment #3 from gjn@gjn.priv.at 2006-12-14 08:01 MST ------- Created an attachment (id=109748) --> (https://bugzilla.novell.com/attachment.cgi?id=109748&action=view) The 2 ldap.conf Include are /etc/ldap/conf and /etc/openldap/ldap.conf -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rhafer@novell.com Status|ASSIGNED |NEEDINFO Info Provider| |gjn@gjn.priv.at ------- Comment #4 from jsuchome@novell.com 2006-12-15 03:30 MST ------- I do not understand what is your problem. Your /etc/ldap.conf contains start_tls, so yast2-users wants to use TLS when accessing LDAP server. If the server is configured differently, that is a problem of wrong configuration. Or is the problem in a fact that you reconfigured the server, but not LDAP client? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 ------- Comment #5 from jsuchome@novell.com 2006-12-20 04:54 MST ------- Any news? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|gjn@gjn.priv.at | ------- Comment #6 from gjn@gjn.priv.at 2006-12-20 05:45 MST ------- I don't check before the /etc/ldap.conf, my mistake :(. All I can say, I make three new fresh installation and have always the same problem, I cant add user ? I check the TSL YaST2 in Server und Client. I have no time in the moment, to install it new ;) and I forgot to save the YaST2.logs :(. Pleas wait after 24.12.06. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |gjn@gjn.priv.at -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|gjn@gjn.priv.at | ------- Comment #7 from gjn@gjn.priv.at 2007-01-01 05:35 MST ------- I found the mistake ;) When I create a Ldap Database, with Yast2 Ldap-Server and like to create the Database without TLS. I have after all configuration go back to the entry TLS, The TLS is again active ? , I have to switch TLS again off and save the configuration. Then I can create users ? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |rhafer@novell.com ------- Comment #8 from jsuchome@novell.com 2007-01-03 23:49 MST ------- Ralf, I'm not sure that I understand but doesn't Guenther have some problem with serever configuration? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 rhafer@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |gjn@gjn.priv.at ------- Comment #10 from rhafer@novell.com 2007-01-16 02:35 MST ------- To me it looks if the reporter is mixing up some things here between yast2-ldap-server and yast2-ldap-client. If I understood correctly you setup an LDAP Server with yast2-ldap-server which hase TLS disabled. Then you start yast2-ldap-client and configure it to use TLS (which is IIRC the default). This can't work of course, because that does not re-configure the LDAP Server to use TLS as well. Did I understand you correctly? If not, please give a really detailed description of what you really did. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|gjn@gjn.priv.at | ------- Comment #11 from gjn@gjn.priv.at 2007-01-16 03:18 MST ------- No ;) The Problem is, when you setup a LDAP Server with yast2-ldap-server and TLS is disabled, the TLS is enabled ? You have go back to the screnn with TLS and disable the TLS again, than you can save the setup. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 rhafer@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |gjn@gjn.priv.at ------- Comment #12 from rhafer@novell.com 2007-01-16 03:28 MST ------- (In reply to comment #11)
No ;)
The Problem is, when you setup a LDAP Server with yast2-ldap-server and TLS is disabled, the TLS is enabled ? Please be more specific. I have no idea what the above sentence should tell me :)
You have go back to the screnn with TLS and disable the TLS again, than you > can save the setup.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|gjn@gjn.priv.at | ------- Comment #13 from gjn@gjn.priv.at 2007-01-16 04:18 MST ------- #12 (German) Hallo Ralf, Bei einem neu installierten System und ein durch Yast konfiguriertem LDAP Server, wird trotz TLS abgeschaltet, TLS eingeschaltet, erst ein zurückgehen auf die Seite wo TLS konfiguriert wird und erneutes ausschalten des TLS speicheret die konfiguration richtig, also OHNE TLS. Ich hoffe jetzt verstanden worden zu sein ;) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 rhafer@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |gjn@gjn.priv.at ------- Comment #14 from rhafer@novell.com 2007-01-16 04:29 MST ------- (In reply to comment #13)
Ich hoffe jetzt verstanden worden zu sein ;) Noch nicht so ganz. ;)
Please describe in detail (german is ok) the order and the exact steps that you are performing with the different YaST Modules. Hopefully I can reproduce you problem then. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 gjn@gjn.priv.at changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|gjn@gjn.priv.at | ------- Comment #15 from gjn@gjn.priv.at 2007-01-16 05:07 MST ------- Also noch maol von vorne. Neu Installation von 10.2. Da noch KEIN Certificat erstellt wurde, LDAP konfiguration OHNE TLS. Jetzt kommt das Problem. Man möchte user anlegen und konfiguriert den client OHNE TLS. Das wird mit der "eigenartigen" Meldung verweigert, kein Zugriff auf localhost, oder so ähnlich. Das Problem ist, Yast2 ldap-server erzeugt eine Konfiguration MIT TLS, obwohl man TLS deaktiviert hatte. Wenn man aber bei der installation des Yast2 ldap-server kontroliert ob TLS "wirklich" abgeschaltet ist, merkt man "TLS ist WIEDER ACTIV, ein erneutes abschalten und sofortiges speichern, erzeugt dann eine Konfiguration OHNE TLS, und man kann dann mit Yast2 user anlegen. Ich hoffe diesmal alles richtig geschildert zu haben ;) Das ich immer so eigenartige Fehler finden muß :). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 rhafer@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Comment #16 from rhafer@novell.com 2007-01-16 07:47 MST ------- I guess I understand now. I'll try to reproduce. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=228229 rhafer@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Comment #17 from rhafer@novell.com 2007-03-05 09:15 MST ------- My attempt of translation the problem to english: yast2-ldap-server or yast2-ldap-client (I still think you are mixing them up a bit) seem to forget that TLS was disabled when the user explicitly disabled it in the respective dialogs. I tried to reproduce this with yast2-ldap-server and yast2-ldap-client in 10.3alpha1 and everything worked as expected. Meaning neither yast2-ldap-server nor yast2-ldap-client forgot about the disabled TLS setting and correctly wrote their config files. I am moving this bug to 10.3 as we would not have released an update for 10.2 for this problem anyway. For 10.3 I regard this as fixed. Feel free to test it yourself with 10.3alpha a reopen this report if I understood you wrong or the problem does still exist in the 10.3 branch. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com