LDAP Setup Noob Help

Thu, 28 Jul 2016 05:22:11 -0700 

I'm attempting to get the LDAP configuration to work. This is for LDAP with 
Active Directory. For the record I'm not an AD guy, I know what it is and 
what it does but have a little knowledge of how it works. I've learned some 
basic stuff over the last couple of days.

I can get it to at least do lookups on the login page but I get the "You 
don't have access to any account" error. From my understanding I need add 
the to Teams and then Environments. But when I go into teams I don't see 
any users even if I add my AD account to the accounts page. When I go into 
environments and try to add my particular AD group it can't find it.


Here's my config. (I had to blank out some things for security.)
I use a service account to do lookups and I know the service account is 
active. I've changed a lot of settings over and over again but have come up 
empty.

app[:configuration] = {
  :scalr => {
    # Tells Scalr to use LDAP for authentication
    :auth_mode => 'ldap',

    :connections => {
      :ldap => {
        # Tells Scalr what LDAP server to connect to
        :debug => 'true',
        :bind_type => 'regular',
        :host => 'ldap://ldap.foo.local',
        :port => '389',
        :user => 'CN=myaccount,OU=Service 
Accounts,OU=service,DC=fcoo,DC=local',
        :pass => 'password',

                # Tells Scalr where to look at for users and groups
        :base_dn => 'DC=foo,DC=local',
        :base_dn_groups => 'DC=foo,DC=local',

        # Tells Scalr what attributes to look at
        :username_attribute => 'sAMAccountName',
        :groupname_attribute => 'memberOf',

        # Tells Scalr how group membership is represented
        :group_member_attribute_type => 'memberOf',

        # Tells Scalr to use filters to speed up queries
        :filter => {
          :users => '(&(objectClass=user))',
          :groups => '(&(objectClass=group))',
        },

        # Uncomment for debug output if you can't login
        # :debug => 1,
      }
    }
  }
}

# This will be injected into your ldap.conf
#app[:ldap_configuration] = '
#TLS_CACERT /etc/ssl/ca-cert.pem




-- 
You received this message because you are subscribed to the Google Groups 
"scalr-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to