[ https://issues.apache.org/jira/browse/CLOUDSTACK-10239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16340974#comment-16340974 ]
ASF subversion and git services commented on CLOUDSTACK-10239: -------------------------------------------------------------- Commit d6ce39b29b140adb1db33442997ff2e141d06226 in cloudstack's branch refs/heads/master from [~rohit.ya...@shapeblue.com] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=d6ce39b ] Merge branch '4.11' - CLOUDSTACK-10239: Fallback to default provider if needed (#2430) - CLOUDSTACK-10255: Fix agent logrotate (#2429) > User LDAP authentication not working in UI (but works via API) > -------------------------------------------------------------- > > Key: CLOUDSTACK-10239 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10239 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server > Affects Versions: 4.11.0.0 > Environment: CentOS 7, KVM, MSAD > Reporter: Jean-Francois Nadeau > Assignee: Daan Hoogland > Priority: Major > > hi, > I setup LDAP authentication with the microsoft AD ldap provider and get > different behaviors in the UI vs using the API (cs python cli) > Through the UI, I can see the list of our AD users using the "Add ldap > account" action but selecting a user and adding it returns there are no > username by that name: > INFO [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) > (logid:89c8c538) No LDAP user exists with the username of <user> > > Doing the same thing from though CLI works fine: > $ cs ldapCreateAccount username=markp accounttype=1 account=admin > ... > { > "account": "admin", > "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706", > "accounttype": 1, > "created": "2018-01-18T19:21:31+0000", > "domain": "ROOT", > "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706", > "firstname": "Mark", > "id": "5ed90ce8-5c54-4f72-8579-639947f5c368", > "iscallerchilddomain": false, > "isdefault": false, > "lastname": "p", > "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706", > "rolename": "Root Admin", > "roletype": "Admin", > "state": "enabled", > "username": "markp", > "usersource": "ldap" > } > > Also, once this user is added, he can not login in the UI using his LDAP > credentials with the same error in the ms logs. Then, if i generate keys > for that same admin user, he can use the API without problems. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)