Hi Cedric, Thanks for your reply. I'm still stuck though as I do not know what to put in the UID attribute value.
Do you have a sample ldap_configuration file that I can use as a template? What kind of permissions are needed for the libuser on OpenLDAP? Thanks, Joe Gene On Wed, Dec 2, 2015 at 1:00 AM, <[email protected]> wrote: > Send Health-dev mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.gnu.org/mailman/listinfo/health-dev > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Health-dev digest..." > > > Today's Topics: > > 1. Help with LDAP configuration (Joe Gene Q) > 2. Re: Help with LDAP configuration (C?dric Krier) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 1 Dec 2015 10:17:28 +0800 > From: Joe Gene Q <[email protected]> > To: [email protected] > Subject: [Health-dev] Help with LDAP configuration > Message-ID: > < > canczftsmfvcjxf2jwg+kpuzqoxmjezqp5wmohk8sshmcx2g...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hi, > > I am trying to configure GNU Health to connect to an LDAP server for LDAP > based authentication. > > I got as far as adding an LDAP connection string in trytond.conf, and > getting the LDAP server and the tryton server to communicate and exchange > messages. > > I am now getting an error in my slapd log file, and I don't know how to > proceed. > > I installed ldap_authentication module ver 3.4.4, and I am using GNU Health > ver 2.8.1. The LDAP Server I am using runs on CENTOS 6 > > Would really appreciate the help. > > Here are the relevant logs, configurations: > > GNU Health Log > > [Tue Dec 01 01:53:30 2015] > ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No such > object'} > [Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login or > password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC on > database 'gnuhealth_custom9_account_es' > > > var/log/slapd > > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP= > 192.168.2.39:45632 (IP=0.0.0.0:389) > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH > base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0 > filter="(uid=cameroncordara1)" > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT tag=101 > err=32 nentries=0 text= > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed > > > trytond.conf > > [ldap_authentication] > # The URI to connect to the LDAP server. > #uri = ldap://host:port/dn?attributes?scope?filter?extensions > # A basic default URL could look like > uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh > bind_pass = ***************** > > PHPLDAPAdmin > > User: Logged in as: uid=cameroncordara1,ou=People,dc=directory,dc=nh > > > Info on cameroncordara1: > # LDIF Export for uid=cameroncordara1,ou=People,dc=directory,dc=nh > # Server: Local LDAP Server (127.0.0.1) > # Search Scope: base > # Search Filter: (objectClass=*) > # Total Entries: 1 > # > # Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on > November 30, 2015 3:46 am > # Version: 1.2.3 > > version: 1 > > # Entry 1: uid=cameroncordara1,ou=People,dc=directory,dc=nh > dn: uid=cameroncordara1,ou=People,dc=directory,dc=nh > cn: Cameron Cordara > displayname: cameroncordara1 > gecos: cameroncordara1 > gidnumber: 5004 > givenname: Cameron > homedirectory: /var/lib/nethserver/home/cameroncordara1 > l: Hometown > loginshell: /usr/libexec/openssh/sftp-server > o: Example Org > objectclass: posixAccount > objectclass: shadowAccount > objectclass: inetOrgPerson > objectclass: sambaSamAccount > objectclass: person > ou: Main > sambaacctflags: [U ] > sambapasswordhistory: > 000000000000000000000000000000000000000000000000000000 > 0000000000 > sambapwdlastset: 1448868739 > sambasid: S-1-5-21-2926184770-3520563768-3089542549-1006 > shadowexpire: -1 > shadowflag: -1 > shadowinactive: -1 > shadowlastchange: 16769 > shadowmax: 180 > shadowmin: 0 > shadowwarning: 7 > sn: Cordara > street: 123 Main Street > telephonenumber: 575-1685 > uid: cameroncordara1 > uidnumber: 5004 > userpassword: > {CRYPT}$6$NVvlY8zarTpcLgCb$o6EW2dgBr0LDTKyUc/xRCqR3a1/YwLUzk./ > /rn0TMPB.Ff8J4zupWnEWJ0PdSWWY0GEu8folQ4AmCpWoBueFY1 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.gnu.org/archive/html/health-dev/attachments/20151201/66d76cd0/attachment.html > > > > ------------------------------ > > Message: 2 > Date: Tue, 1 Dec 2015 09:54:25 +0100 > From: C?dric Krier <[email protected]> > To: [email protected] > Subject: Re: [Health-dev] Help with LDAP configuration > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8" > > On 2015-12-01 10:17, Joe Gene Q wrote: > > Hi, > > > > I am trying to configure GNU Health to connect to an LDAP server for LDAP > > based authentication. > > > > I got as far as adding an LDAP connection string in trytond.conf, and > > getting the LDAP server and the tryton server to communicate and exchange > > messages. > > > > I am now getting an error in my slapd log file, and I don't know how to > > proceed. > > > > I installed ldap_authentication module ver 3.4.4, and I am using GNU > Health > > ver 2.8.1. The LDAP Server I am using runs on CENTOS 6 > > > > Would really appreciate the help. > > > > Here are the relevant logs, configurations: > > > > GNU Health Log > > > > [Tue Dec 01 01:53:30 2015] > > ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No > such > > object'} > > [Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login or > > password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC > on > > database 'gnuhealth_custom9_account_es' > > > > > > var/log/slapd > > > > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP= > > 192.168.2.39:45632 (IP=0.0.0.0:389) > > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH > > base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0 > > filter="(uid=cameroncordara1)" > > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid > > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT > tag=101 > > err=32 nentries=0 text= > > This looks like the search should not be on uid attribute. > You can configure the UID attribute in the configuration: > http://doc.tryton.org/3.4/modules/ldap_authentication/doc/index.html#uid > > > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND > > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed > > > > > > trytond.conf > > > > [ldap_authentication] > > # The URI to connect to the LDAP server. > > #uri = ldap://host:port/dn?attributes?scope?filter?extensions > > # A basic default URL could look like > > uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh > > bind_pass = ***************** > > -- > C?dric Krier - B2CK SPRL > Email/Jabber: [email protected] > Tel: +32 472 54 46 59 > Website: http://www.b2ck.com/ > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: application/pgp-signature > Size: 345 bytes > Desc: not available > URL: < > http://lists.gnu.org/archive/html/health-dev/attachments/20151201/278e6ec7/attachment.pgp > > > > ------------------------------ > > _______________________________________________ > Health-dev mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/health-dev > > > End of Health-dev Digest, Vol 53, Issue 1 > ***************************************** >
