Yes I do. And I found that the python-ldap module was failing to load due to some missing symbols in libldap. Which is apparently a known problem on Mac OS X Server 10.7.x, so says http://projects.skurfer.com/posts/2011/python_ldap_lion/ . I applied his workaround of using an older python-ldap and now I'm back up.
Ian On Sat, Nov 12, 2011 at 7:27 AM, jack jack <jais...@gmail.com> wrote: > do you have server log? /etc/httpd/logs/error.log > > On Fri, Nov 11, 2011 at 12:39 PM, Mail Team <email....@gmail.com> wrote: > >> Excpet for the actual server address, they go like this. I'm not >> entirely sure what kind of LDAP server it is, but I think it's something >> like Mac OS X Server 10.6.8. (I don't run that system.) >> >> LDAP Server: ldap://my.ldap.server >> LDAP Base DN: cn=users,dc=ldap,dc=server >> Given Name Attribute: givenName >> Surname Attribute: sn >> Full Name Attribute: cn >> E-Mail Domain: <blank> >> E-Mail LDAP Attribute: mail >> Use TLS for authentication <off> >> User Mask: (uid=%s) >> Anonymous User Mask: <blank> >> Anonymous User Password: <blank> >> >> Ian >> >> >> On Thu, Nov 10, 2011 at 10:48 PM, Nilesh Jaiswal <nileshj...@gmail.com>wrote: >> >>> Could you get me following details. >>> >>> Login as admin to your reviewboard. >>> >>> 1. Click to setting tab. >>> 2. Click Authentication tab. >>> >>> and get me details of the field mentioned then i can help you further. >>> >>> LDAP Server: >>> LDAP Base DN: >>> User Mask: >>> Anonymous User Mask: >>> etc >>> >>> >>> >>> On Fri, Nov 11, 2011 at 11:35 AM, Mail Team <email....@gmail.com> wrote: >>> >>>> Oh, and I have a clone of the server if there's anything I can do for >>>> testing. My Python skills are somewhere between crappy and nonexistent, >>>> but I can follow directions and install whatever crazy stuff on my clone to >>>> help. >>>> >>>> Ian >>>> >>>> >>>> On Thu, Nov 10, 2011 at 9:59 PM, Mail Team <email....@gmail.com> wrote: >>>> >>>>> Sorry, to answer your question from a few days ago, LDAP logins aren't >>>>> currently working at all for me, either from the web UI or from >>>>> post-review. >>>>> >>>>> Ian >>>>> >>>>> >>>>> On Thu, Nov 10, 2011 at 2:54 AM, Nilesh Jaiswal >>>>> <nileshj...@gmail.com>wrote: >>>>> >>>>>> >>>>>> Hi Chris, >>>>>> >>>>>> The changes are done are as below please find the snippet. >>>>>> >>>>>> class LDAPBackend(AuthBackend): >>>>>> """Authenticate against a user on an LDAP server.""" >>>>>> name = _('LDAP') >>>>>> settings_form = LDAPSettingsForm >>>>>> >>>>>> def authenticate(self, username, password): >>>>>> username = username.strip() >>>>>> uid = settings.LDAP_UID_MASK % username >>>>>> logging.info("Start Authenticating username: %s" % username) >>>>>> logging.info("User UID is : %s" % uid) >>>>>> try: >>>>>> import ldap >>>>>> ldapo = ldap.initialize(settings.LDAP_URI) >>>>>> ldapo.set_option(ldap.OPT_REFERRALS, 0) >>>>>> ldapo.set_option(ldap.OPT_PROTOCOL_VERSION, 3) >>>>>> if settings.LDAP_TLS: >>>>>> ldapo.start_tls_s() >>>>>> >>>>>> * # May need to log in as the anonymous user before >>>>>> searching. >>>>>> Filter = '(&(objectClass=*)(sAMAccountName=%s))' % >>>>>> username >>>>>> Attrs=['displayName'] >>>>>> * >>>>>> if settings.LDAP_ANON_BIND_UID: >>>>>> ldapo.simple_bind_s(settings.LDAP_ANON_BIND_UID, >>>>>> settings.LDAP_ANON_BIND_PASSWD) >>>>>> >>>>>> *search = ldapo.search(settings.LDAP_BASE_DN, >>>>>> ldap.SCOPE_SUBTREE, Filter, Attrs)* >>>>>> >>>>>> if not search: >>>>>> # no such a user, return early, no need for bind >>>>>> attempts >>>>>> logging.warning("LDAP error: The specified object >>>>>> does not " >>>>>> "exist in the Directory: %s" % >>>>>> uid) >>>>>> return None >>>>>> * # Adding my code Start >>>>>> search = ldapo.search_s(settings.LDAP_BASE_DN, >>>>>> ldap.SCOPE_SUBTREE, Filter) >>>>>> # Adding my code End >>>>>> * >>>>>> >>>>>> Similar changes in >>>>>> def get_or_create_user(self, username): >>>>>> >>>>>> * Filter = '(&(objectClass=*)(sAMAccountName=%s))' % >>>>>> username >>>>>> Attrs=['displayName'] >>>>>> # passwd = ldapo.search_s(settings.LDAP_BASE_DN, >>>>>> # ldap.SCOPE_SUBTREE, >>>>>> # settings.LDAP_UID_MASK % >>>>>> username) >>>>>> passwd = ldapo.search_s(settings.LDAP_BASE_DN, >>>>>> ldap.SCOPE_SUBTREE, Filter, >>>>>> Attrs) >>>>>> * if len(password) == 0: >>>>>> # Don't try to bind using an empty password; the >>>>>> server will >>>>>> # return success, which doesn't mean we have >>>>>> authenticated. >>>>>> # http://tools.ietf.org/html/rfc4513#section-5.1.2 >>>>>> # http://tools.ietf.org/html/rfc4513#section-6.3.1 >>>>>> logging.warning("Empty password for: %s" % uid) >>>>>> return None >>>>>> >>>>>> ldapo.bind_s(search[0][0], password) >>>>>> >>>>>> return self.get_or_create_user(username) >>>>>> >>>>>> >>>>>> After this changes i was able to authenticate using LDAP user from RB >>>>>> GUI. This is my customize fix, if you have better fix please let us know. >>>>>> >>>>>> Regards, >>>>>> Nilesh >>>>>> >>>>>> On Thu, Nov 10, 2011 at 3:52 PM, Christian Hammond < >>>>>> chip...@chipx86.com> wrote: >>>>>> >>>>>>> Can you tell me what change you made? I'd like to get a fix into a >>>>>>> release. >>>>>>> >>>>>>> >>>>>>> Christian >>>>>>> >>>>>>> -- >>>>>>> Christian Hammond - chip...@chipx86.com >>>>>>> Review Board - http://www.reviewboard.org >>>>>>> VMware, Inc. - http://www.vmware.com >>>>>>> >>>>>>> >>>>>>> On Wed, Nov 9, 2011 at 11:45 PM, Nilesh Jaiswal < >>>>>>> nileshj...@gmail.com> wrote: >>>>>>> >>>>>>>> Its seems, you need to make the changes in the backends.py to add >>>>>>>> the filter for the LDAP user, I was also facing this issue then i add >>>>>>>> the >>>>>>>> filter and it started working for me >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Nov 8, 2011 at 4:58 AM, Christian Hammond < >>>>>>>> chip...@chipx86.com> wrote: >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> Are you just having trouble with API logins using post-review, or >>>>>>>>> the website as well? >>>>>>>>> >>>>>>>>> There are some issues we haven't yet tracked down specifically >>>>>>>>> with LDAP logins with the API. I honestly don't know what's going on >>>>>>>>> there, >>>>>>>>> and nobody who has such a setup has been able to debug enough to >>>>>>>>> figure out >>>>>>>>> the root cause. >>>>>>>>> >>>>>>>>> Christian >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Christian Hammond - chip...@chipx86.com >>>>>>>>> Review Board - http://www.reviewboard.org >>>>>>>>> VMware, Inc. - http://www.vmware.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Mon, Nov 7, 2011 at 2:41 PM, Mail Team <email....@gmail.com>wrote: >>>>>>>>> >>>>>>>>>> And the server is ReviewBoard 1.6.1 with Django 1.3.1, Djblets >>>>>>>>>> 0.6.13, django_evolution 0.6.5. >>>>>>>>>> >>>>>>>>>> Ian >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Sun, Nov 6, 2011 at 1:13 AM, Mail Team <email....@gmail.com>wrote: >>>>>>>>>> >>>>>>>>>>> And the client was using Python 2.7 all along. It was using >>>>>>>>>>> RBTools 0.3.3, I tried updating them to 0.3.4 but that didn't make a >>>>>>>>>>> difference. >>>>>>>>>>> >>>>>>>>>>> Ian >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Sun, Nov 6, 2011 at 1:12 AM, Mail Team >>>>>>>>>>> <email....@gmail.com>wrote: >>>>>>>>>>> >>>>>>>>>>>> A bit more info: >>>>>>>>>>>> My old server used Python 2.6, my new server uses 2.7. >>>>>>>>>>>> >>>>>>>>>>>> $ post-review --debug -o dummyfile >>>>>>>>>>>> >>> RBTools 0.3.4 >>>>>>>>>>>> >>> Home = /path/to/my/home >>>>>>>>>>>> >>> svn info >>>>>>>>>>>> >>> diff --version >>>>>>>>>>>> >>> repository info: Path: svn+ssh://my.repository/url, Base >>>>>>>>>>>> path: /trunk, Supports changesets: False >>>>>>>>>>>> >>> svn propget reviewboard:url /path/to/my/working/copy/trunk >>>>>>>>>>>> >>> HTTP GETting api/ >>>>>>>>>>>> >>> HTTP GETting >>>>>>>>>>>> http://my.reviewboard.server/codereviews/api/info/ >>>>>>>>>>>> ==> HTTP Authentication Required >>>>>>>>>>>> Enter authorization information for "Web API" at >>>>>>>>>>>> mailteam.apple.com >>>>>>>>>>>> Username: iana >>>>>>>>>>>> Password: >>>>>>>>>>>> >>> Got API Error 103 (HTTP code 401): You are not logged in >>>>>>>>>>>> >>> Error data: {u'stat': u'fail', u'err': {u'msg': u'You are >>>>>>>>>>>> not logged in', u'code': 103}} >>>>>>>>>>>> Unable to log in with the supplied username and password. >>>>>>>>>>>> >>>>>>>>>>>> When I use post-review as above, I do get some logs but they're >>>>>>>>>>>> not all that helpful to me. >>>>>>>>>>>> DEBUG Attempting authentication on API for user iana >>>>>>>>>>>> DEBUG API Login failed. No valid user found. >>>>>>>>>>>> >>>>>>>>>>>> On Sun, Nov 6, 2011 at 1:43 AM, Mail Team >>>>>>>>>>>> <email....@gmail.com>wrote: >>>>>>>>>>>> >>>>>>>>>>>>> I moved my Review Board installation to a new server via >>>>>>>>>>>>> rb-site manage dumpdata/loaddata which seemed to go fine, but now >>>>>>>>>>>>> LDAP >>>>>>>>>>>>> logins don't work. If I go into the admin interface and click on >>>>>>>>>>>>> Logs, >>>>>>>>>>>>> there's nothing. Any idea how I could debug this? Any silly >>>>>>>>>>>>> gotchas that I >>>>>>>>>>>>> might be missing? >>>>>>>>>>>>> >>>>>>>>>>>>> Ian >>>>>>>>>>>>> >>>>>>>>>>>> -- >> Want to help the Review Board project? Donate today at >> http://www.reviewboard.org/donate/ >> Happy user? Let us know at http://www.reviewboard.org/users/ >> -~----------~----~----~----~------~----~------~--~--- >> To unsubscribe from this group, send email to >> reviewboard+unsubscr...@googlegroups.com >> For more options, visit this group at >> http://groups.google.com/group/reviewboard?hl=en >> > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~----------~----~----~----~------~----~------~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~----------~----~----~----~------~----~------~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en