[opensuse-buildservice] obs 2.4 and ldap
Hello, I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this? -- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
Read release notes. LDAP auth doesn't work. On 27.03.2013, at 17:30, Darin Perusich <darin@darins.net> wrote:
Hello,
I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this?
-- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
doh...thanks -- Later, Darin On Wed, Mar 27, 2013 at 11:21 AM, Kanstantsin Shautsou <gentoo.integer@gmail.com> wrote:
Read release notes. LDAP auth doesn't work.
On 27.03.2013, at 17:30, Darin Perusich <darin@darins.net> wrote:
Hello,
I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this?
-- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
JFYI, the new packages are there now. On Mittwoch, 27. März 2013, 11:45:40 wrote Darin Perusich:
doh...thanks -- Later, Darin
On Wed, Mar 27, 2013 at 11:21 AM, Kanstantsin Shautsou <gentoo.integer@gmail.com> wrote:
Read release notes. LDAP auth doesn't work.
On 27.03.2013, at 17:30, Darin Perusich <darin@darins.net> wrote:
Hello,
I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this?
-- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
On Mittwoch, 27. März 2013, 11:45:40 wrote Darin Perusich:
doh...thanks -- Later, Darin
On Wed, Mar 27, 2013 at 11:21 AM, Kanstantsin Shautsou <gentoo.integer@gmail.com> wrote:
Read release notes. LDAP auth doesn't work.
On 27.03.2013, at 17:30, Darin Perusich <darin@darins.net> wrote:
Hello,
I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this?
-- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
On Mittwoch, 27. März 2013, 11:45:40 wrote Darin Perusich:
doh...thanks -- Later, Darin
On Wed, Mar 27, 2013 at 11:21 AM, Kanstantsin Shautsou <gentoo.integer@gmail.com> wrote:
Read release notes. LDAP auth doesn't work.
On 27.03.2013, at 17:30, Darin Perusich <darin@darins.net> wrote:
Hello,
I'm attempting to configure ldap authentication in OBS 2.4 and get the warning "ldap_mode selected but 'ruby-ldap' module not installed." when I try to login w/an ldap account. I do have rubygem-ruby-ldap from the OBS:Server:2.4 repo installed and have restarted apache/passenger to ensure it's available. Any thoughts as to what's causing this?
-- Later, Darin -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
-- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de
-- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@darins.net> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
So configured/enabled LDAP and auth is failing. I set logging to debug in the api and we see what appears to be the appropriate connection attempt but the ldap access_log tells a different story, it's attempting to auth as uid=wwwrun and not uid=dperusich. Relevant snippets from both the api and ldap logs are below. I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a refresh this morning, and OpenDJ 2.4.5 for LDAP. API Debug Log: [INFO |#10025] Parameters: {"login"=>"dperusich"} [DEBUG|#10025] Validate XML request: #<ActionDispatch::Request:0x00000003b45340> [DEBUG|#10025] no schema found, skipping validation for {"format"=>"xml", "controller"=>"person", "action"=>"userinfo", "login"=>"dperusich", "method"=>"GET", "type"=>"request"} [DEBUG|#10025] Using LDAP to find dperusich [DEBUG|#10025] Looking for dperusich using ldap [DEBUG|#10025] Connecting to ds1.mydomain.com as 'cn=proxyagent,ou=profile,dc=mydomain,dc=com' [DEBUG|#10025] dperusich not found in LDAP. LDAP (OpenDJ) Access Log: [18/Apr/2013:08:59:01 -0400] CONNECT conn=3442680 from=10.100.90.71:59664 to=10.100.90.31:389 protocol=LDAP [18/Apr/2013:08:59:01 -0400] EXTENDED REQ conn=3442680 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" [18/Apr/2013:08:59:01 -0400] EXTENDED RES conn=3442680 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=0 etime=0 [18/Apr/2013:08:59:01 -0400] BIND REQ conn=3442680 op=1 msgID=2 type=SIMPLE dn="cn=proxyagent,ou=profile,dc=mydomain,dc=com" [18/Apr/2013:08:59:01 -0400] BIND RES conn=3442680 op=1 msgID=2 result=0 authDN="cn=proxyagent,ou=profile,dc=mydomain,dc=com" etime=0 [18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=2 msgID=3 base="ou=people,dc=mydomain,dc=com" scope=singleLevel filter="(&(objectClass=posixAccount)(uid=wwwrun))" attrs="ALL" [18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=2 msgID=3 result=0 nentries=0 etime=0 [18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=3 msgID=4 base="ou=group,dc=mydomain,dc=com" scope=singleLevel filter="(&(objectClass=posixGroup)(memberUid=wwwrun))" attrs="gidNumber" [18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=3 msgID=4 result=0 nentries=0 etime=3 -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On 04/18/2013 03:35 PM, Darin Perusich wrote:
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@darins.net> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
So configured/enabled LDAP and auth is failing. I set logging to debug in the api and we see what appears to be the appropriate connection attempt but the ldap access_log tells a different story, it's attempting to auth as uid=wwwrun and not uid=dperusich. Relevant snippets from both the api and ldap logs are below.
I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a refresh this morning, and OpenDJ 2.4.5 for LDAP.
I'm running 2.4.2_0_gee42028, ldap seems still not to work...
API Debug Log: [INFO |#10025] Parameters: {"login"=>"dperusich"} [DEBUG|#10025] Validate XML request: #<ActionDispatch::Request:0x00000003b45340> [DEBUG|#10025] no schema found, skipping validation for {"format"=>"xml", "controller"=>"person", "action"=>"userinfo", "login"=>"dperusich", "method"=>"GET", "type"=>"request"} [DEBUG|#10025] Using LDAP to find dperusich [DEBUG|#10025] Looking for dperusich using ldap [DEBUG|#10025] Connecting to ds1.mydomain.com as 'cn=proxyagent,ou=profile,dc=mydomain,dc=com' [DEBUG|#10025] dperusich not found in LDAP.
LDAP (OpenDJ) Access Log: [18/Apr/2013:08:59:01 -0400] CONNECT conn=3442680 from=10.100.90.71:59664 to=10.100.90.31:389 protocol=LDAP [18/Apr/2013:08:59:01 -0400] EXTENDED REQ conn=3442680 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" [18/Apr/2013:08:59:01 -0400] EXTENDED RES conn=3442680 op=0 msgID=1 name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=0 etime=0 [18/Apr/2013:08:59:01 -0400] BIND REQ conn=3442680 op=1 msgID=2 type=SIMPLE dn="cn=proxyagent,ou=profile,dc=mydomain,dc=com" [18/Apr/2013:08:59:01 -0400] BIND RES conn=3442680 op=1 msgID=2 result=0 authDN="cn=proxyagent,ou=profile,dc=mydomain,dc=com" etime=0 [18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=2 msgID=3 base="ou=people,dc=mydomain,dc=com" scope=singleLevel filter="(&(objectClass=posixAccount)(uid=wwwrun))" attrs="ALL" [18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=2 msgID=3 result=0 nentries=0 etime=0 [18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=3 msgID=4 base="ou=group,dc=mydomain,dc=com" scope=singleLevel filter="(&(objectClass=posixGroup)(memberUid=wwwrun))" attrs="gidNumber" [18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=3 msgID=4 result=0 nentries=0 etime=3
-- Christian Schneemann Linux Consultant & Developer Tel.: +49-175-7250665 Mail: schneemann@b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
Am Dienstag, 11. Juni 2013, 14:34:20 schrieb Christian Schneemann:
On 04/18/2013 03:35 PM, Darin Perusich wrote:
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@darins.net> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
So configured/enabled LDAP and auth is failing. I set logging to debug in the api and we see what appears to be the appropriate connection attempt but the ldap access_log tells a different story, it's attempting to auth as uid=wwwrun and not uid=dperusich. Relevant snippets from both the api and ldap logs are below.
I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a refresh this morning, and OpenDJ 2.4.5 for LDAP.
I'm running 2.4.2_0_gee42028, ldap seems still not to work...
well, a pitty. however, please do not expect any debug time from me here. SUSE is not using LDAP and there are currently also no test cases for that support. sorry adrian -- Adrian Schroeter email: adrian@suse.de SUSE LINUX GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 21284 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On 06/11/2013 02:45 PM, Adrian Schröter wrote:
Am Dienstag, 11. Juni 2013, 14:34:20 schrieb Christian Schneemann:
On 04/18/2013 03:35 PM, Darin Perusich wrote:
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@darins.net> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:
JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
So configured/enabled LDAP and auth is failing. I set logging to debug in the api and we see what appears to be the appropriate connection attempt but the ldap access_log tells a different story, it's attempting to auth as uid=wwwrun and not uid=dperusich. Relevant snippets from both the api and ldap logs are below.
I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a refresh this morning, and OpenDJ 2.4.5 for LDAP.
I'm running 2.4.2_0_gee42028, ldap seems still not to work...
well, a pitty. however, please do not expect any debug time from me here. SUSE is not using LDAP and there are currently also no test cases for that support.
OK, bad for us.. Is it possible to use authentication from apache in obs? So to use apaches possibilities for ldap and obs just uses the usernames as they are handed to it?
sorry adrian
-- Christian Schneemann Linux Consultant & Developer Tel.: +49-175-7250665 Mail: schneemann@b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
On 06/11/2013 03:59 PM, Christian Schneemann wrote:
On 06/11/2013 02:45 PM, Adrian Schröter wrote:
Am Dienstag, 11. Juni 2013, 14:34:20 schrieb Christian Schneemann:
On 04/18/2013 03:35 PM, Darin Perusich wrote:
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@darins.net> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@suse.de> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter: > JFYI, the new packages are there now.
Any success in using the LDAP support?
I haven't had a chance to look at it yet but I'll see about making some time this morning.
So configured/enabled LDAP and auth is failing. I set logging to debug in the api and we see what appears to be the appropriate connection attempt but the ldap access_log tells a different story, it's attempting to auth as uid=wwwrun and not uid=dperusich. Relevant snippets from both the api and ldap logs are below.
I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a refresh this morning, and OpenDJ 2.4.5 for LDAP.
I'm running 2.4.2_0_gee42028, ldap seems still not to work...
well, a pitty. however, please do not expect any debug time from me here. SUSE is not using LDAP and there are currently also no test cases for that support.
OK, bad for us.. Is it possible to use authentication from apache in obs? So to use apaches possibilities for ldap and obs just uses the usernames as they are handed to it?
worked, used proxy_auth_mode and set the headers correctly. But a colleague mentioned that ldap works in 2.4, so maybe just some update problems on my side.. Regards, Christian
sorry adrian
-- Christian Schneemann Linux Consultant & Developer Tel.: +49-175-7250665 Mail: schneemann@b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org
participants (4)
-
Adrian Schröter -
Christian Schneemann -
Darin Perusich -
Kanstantsin Shautsou