Mailinglist Archive: opensuse-buildservice (247 mails)

< Previous Next >
Re: [opensuse-buildservice] obs 2.4 and ldap
On 04/18/2013 03:35 PM, Darin Perusich wrote:
On Thu, Apr 18, 2013 at 8:01 AM, Darin Perusich <darin@xxxxxxxxxx> wrote:
On Thu, Apr 18, 2013 at 3:57 AM, Adrian Schröter <adrian@xxxxxxx> wrote:
On Freitag, 5. April 2013, 13:15:28 wrote Adrian Schröter:

JFYI, the new packages are there now.

Any success in using the LDAP support?

I haven't had a chance to look at it yet but I'll see about making
some time this morning.


So configured/enabled LDAP and auth is failing. I set logging to debug
in the api and we see what appears to be the appropriate connection
attempt but the ldap access_log tells a different story, it's
attempting to auth as uid=wwwrun and not uid=dperusich. Relevant
snippets from both the api and ldap logs are below.

I'm running obs-server-2.3.96_19_gcdd2842-1.1.x86_64, just did a
refresh this morning, and OpenDJ 2.4.5 for LDAP.

I'm running 2.4.2_0_gee42028, ldap seems still not to work...



API Debug Log:
[INFO |#10025] Parameters: {"login"=>"dperusich"}
[DEBUG|#10025] Validate XML request:
#<ActionDispatch::Request:0x00000003b45340>
[DEBUG|#10025] no schema found, skipping validation for
{"format"=>"xml", "controller"=>"person", "action"=>"userinfo",
"login"=>"dperusich", "method"=>"GET", "type"=>"request"}
[DEBUG|#10025] Using LDAP to find dperusich
[DEBUG|#10025] Looking for dperusich using ldap
[DEBUG|#10025] Connecting to ds1.mydomain.com as
'cn=proxyagent,ou=profile,dc=mydomain,dc=com'
[DEBUG|#10025] dperusich not found in LDAP.

LDAP (OpenDJ) Access Log:
[18/Apr/2013:08:59:01 -0400] CONNECT conn=3442680
from=10.100.90.71:59664 to=10.100.90.31:389 protocol=LDAP
[18/Apr/2013:08:59:01 -0400] EXTENDED REQ conn=3442680 op=0 msgID=1
name="StartTLS" oid="1.3.6.1.4.1.1466.20037"
[18/Apr/2013:08:59:01 -0400] EXTENDED RES conn=3442680 op=0 msgID=1
name="StartTLS" oid="1.3.6.1.4.1.1466.20037" result=0 etime=0
[18/Apr/2013:08:59:01 -0400] BIND REQ conn=3442680 op=1 msgID=2
type=SIMPLE dn="cn=proxyagent,ou=profile,dc=mydomain,dc=com"
[18/Apr/2013:08:59:01 -0400] BIND RES conn=3442680 op=1 msgID=2
result=0 authDN="cn=proxyagent,ou=profile,dc=mydomain,dc=com" etime=0
[18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=2 msgID=3
base="ou=people,dc=mydomain,dc=com" scope=singleLevel
filter="(&(objectClass=posixAccount)(uid=wwwrun))" attrs="ALL"
[18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=2 msgID=3
result=0 nentries=0 etime=0
[18/Apr/2013:08:59:01 -0400] SEARCH REQ conn=3442680 op=3 msgID=4
base="ou=group,dc=mydomain,dc=com" scope=singleLevel
filter="(&(objectClass=posixGroup)(memberUid=wwwrun))"
attrs="gidNumber"
[18/Apr/2013:08:59:01 -0400] SEARCH RES conn=3442680 op=3 msgID=4
result=0 nentries=0 etime=3



--
Christian Schneemann
Linux Consultant & Developer
Tel.: +49-175-7250665
Mail: schneemann@xxxxxxxxxxxxx

B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups