Hello all, I've been experimenting with the new ldap features that were released a few months ago (linkage<http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/>), and have noticed some interesting things.

I fired up a new VM and installed the latest gitorious using the new installer which worked fabulously. My users can sign in with their AD credentials successfully, a new user is generated for them, and everything seems ok. However, when I try to view any user's profile, I am greeted with the good old 'Sorry something went wrong' error 500 page. The stack trace in production.log reveals:

    ActionView::TemplateError (Unable to connect to the LDAP server on MY-AD-SERVER:636. Are you sure the LDAP server is running?) on line #140 of app/views/users/show.html.erb:
    137: <li style="clear:left">
    138: <span style="float:left; padding: 2px 10px 2px 2px"><%= image_tag(group.avatar.url(:thumb), :alt => "Avatar", :width => "16") %></span> <%= link_to h(group.name), group_path(group) -%>
    139: </li><% end -%>
    140: </ul><% end unless Team.for_user(@user).blank? -%>
    141: </div>
    142: <div class="clear"></div>
    143: </div>

    lib/gitorious/authorization/ldap/connection.rb:36:in `bind_as'
    app/models/ldap_group.rb:121:in `ldap_group_names_for_user'
    app/models/ldap_group.rb:224:in `groups_for_user'
    app/models/finders/ldap_group_finder.rb:57:in `for_user'
    app/models/team.rb:66:in `send'
    app/models/team.rb:66:in `method_missing'
    app/views/users/show.html.erb:140
    ...

I know that the LDAP server is working, and users are able to sign in via ldap auth just fine, I just can't view their profiles. I get a similar message when trying to add AD groups to the new Create Team dialog.

My authentication.yml looks like the following:

    production:
      #disable_default: true
      methods:
        - adapter: Gitorious::Authentication::LDAPAuthentication
          host: MY-AD-SERVER.SAMPLE.COM
          port: 636
          encryption: simple_tls
          base_dn: DC=SAMPLE,DC=COM
          bind_username: BINDUSER
          bind_password: HEYITSAPASSWORD
          username_attribute: sAMAccountName
          login_attribute: sAMAccountName
          membership_attribute_name: memberof
          members_attribute_name: member
          distinguished_name_template: "{}@SAMPLE.COM"
          attribute_mapping:
            mail: email

and I do have use_ldap_authorization: true in the gitorious.yml configuration file. Should I be using a different (new) format to specify the bind credentials? The sample shows

    # Specify a username/password to use for authenticated bind
    # NOTE: This is required when using LDAP for authorization
    #bind_user:
    #  username: boss
    #  password: sikret

Thanks for your help,
Charles