Hi Gilles, Could you confirm your Scalr version?
Many thanks, Wm. Marc O'Brien Scalr Technical Support On Monday, July 4, 2016 at 5:26:22 AM UTC-6, Gilles O wrote: > > Hi, > > this is what i get when authneticating using LDAP credentials : > Could not perform ldap_search. Protocol error35:19 - LdapClient v-0.5 > 35:19 - isValidUser is called. > 35:19 - LDAP Server is:ldap://server.example.com port:389 - OK > 35:19 - Bind username:UID=loginname,OU=User,OU=People,DC=example,DC=com > password:********* - OK > 35:19 - Query baseDn (2):UID=loginname,OU=User,OU=People,DC=example,DC=com > filter:(&(&(objectClass=posixAccount))(UID=*)), attributes: dn, memberof, > mail, givenname - OK > 35:19 - Query result count: 1 > 35:19 - Email has been retrieved: [email protected] > 35:19 - Full name has been retrieved: givenNameValue > 35:19 - Query result memberofDn: 1 > 35:19 - Query result DN: uid=loginname,ou=User,ou=People,dc=example,dc=com > 35:19 - Bind username:uid=loginname,ou=User,ou=People,dc=example,dc=com > password:********* - OK > 35:19 - getUserGroups is called. > 35:19 - Query user's groups > baseDn:OU=CloudProject,OU=Group,DC=example,DC=com filter: - Failed > > > > A manual LDAP search made (anonymously) returns : > > ldapsearch -H ldap://localhost -x -b > ou=CloudProject,ou=Group,dc=example,dc=com '(&(objectClass=groupOfNames))' > cn > > # extended LDIF > # > # LDAPv3 > # base <ou=CloudProject,ou=Group,dc=example,dc=com> with scope subtree > # filter: (&(objectClass=groupOfNames)) > # requesting: cn > # > > # Audes, AUDES, Enedis, Group, enedis.oper > *dn: > cn=groupname,ou=businessUnitName,ou=CloudProject,ou=Group,dc=example,dc=com* > *cn: groupname* > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > > > This is my scalr-server.rb config > :ldap => { > # Tells Scalr what LDAP server to connect to > :bind_type => 'openldap', > :host => 'ldap://server.example.com', > :port => '389', > # Tells Scalr where to look at for users and groups > :base_dn => 'OU=User,OU=People,DC=example,DC=com', > :base_dn_groups => 'OU=cloudProject,OU=Group,DC=example,DC=com', > > # Tells Scalr what attributes to look at > :username_attribute => 'UID', > :groupname_attribute => 'CN', > > # Tells Scalr the attribute that contains the user's fullName attribute > :fullname_attribute => 'givenName', > :mail_attribute => 'mail', > > # Tells Scalr how group membership is represented > :group_member_attribute_type => 'member', > :group_nesting => 0 , > > # Tells Scalr to use filters to speed up queries > :filter => { > :users => '(&(objectClass=posixAccount))', > :groups => '(&(objectClass=groupOfNames))', > }, > # Uncomment for debug output if you can't login > :debug => 1, > } > > I understand that : > - the initial bind is successful (it says password is ok, and the > additional attributes (libke mail and givenname) are clean. > - the subsequent getUserGroups routine call seems to be using a wrong > filter somehow > > Other symptoms i've got : > when creating teams, no members are fetched whatever the filter value i > setup. > > Is there something i can have a look into ? Do you have some suggestions ? > Thanks > > -- You received this message because you are subscribed to the Google Groups "scalr-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
