This works for me on Cobbler 2.0.3.1

/etc/openldap/ldap.conf
---
TLS_CACERT /etc/httpd/ssl/<AD_SERVER_CA_CERT>.cer
TLS_REQCERT allow
REFERRALS on

/etc/cobbler/settings
---
ldap_server: "<IP_ADDRESS_AD_SERVER>"
ldap_base_dn: "OU=<2ND_LEVEL_FOLDER>,OU=<1st_LEVEL_FOLDER>,DC=<DOMAIN>,DC=com"
ldap_port: 389
ldap_tls: 0
ldap_anonymous_bind: 0
ldap_search_bind_dn: '<BIND_USER>@<SHORT_DOMAIN>'
ldap_search_passwd: '<BIND_PASSWORD>'
ldap_search_prefix: 'sAMAccountName='

HTH,
byron

From: cobbler-boun...@lists.fedorahosted.org [mailto:cobbler-boun...@lists.fedorahosted.org] On Behalf Of Alfonso Seguro
Sent: Wednesday, April 13, 2011 8:29 PM
To: cobbler
Subject: cobbler and ldap errors, AD authentication

Hi everyone,

I've been trying to have cobbler talk to our AD with no luck so far. I've been reading all related posts and the wiki, but it keeps failing all the time :(

My settings are:

CentOS release 5.5
Python 2.4.3
openldap-2.3.43-12.el5_6.7.x86_64
cobbler 1.6.8

/etc/openldap/ldap.conf

URI ldap://mydcip:389
BASE ou=ou1,ou=company,dc=company,dc=com
BINDDN cn=connector,ou=ou1,ou=company,dc=company,dc=com
BINDPW 'password'

/etc/cobbler/settings

ldap_server: "ldap://mydcip"
ldap_base_dn: "ou=ou1,ou=company,DC=company,DC=com"
ldap_port: 389
ldap_tls: 0
ldap_anonymous_bind: 0
ldap_search_bind_dn: 'CN=connector,ou=ou1,ou=company,dc=company,dc=com'
ldap_search_passwd: 'password'
ldap_search_prefix: 'uid=' (and sAMAccountName=)

*******

python /tmp/demo_connect.py --user=myaduser --pass=myadpassword
- trying to login with user=myaduser
Traceback (most recent call last):
  File "/tmp/demo_connect.py", line 37, in ?
    token = sp.login(options.user,options.password)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1147, in request
    return self._parse_response(h.getfile(), sock)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1286, in _parse_response
    return u.close()
  File "/usr/lib64/python2.4/xmlrpclib.py", line 744, in close
    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "ldap.LDAPError:(2, 'No such file or directory')">

..just the 1st time I tried, after that I get all the time:

    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "ldap.LDAPError:(11, 'Resource temporarily unavailable')">

/var/log/cobbler/cobblerd also show:

- api - login attempt; user(myaduser)
- api - Exception occured: ldap.LDAPError
- api - Exception value: (11, 'Resource temporarily unavailable')
- api - Exception Info:
  File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1567, in _dispatch
    return method_handle(*params)
  File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1027, in login
    if self.__validate_user(login_user,login_password):
  File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 939, in __validate_user
    return self.api.authenticate(input_user,input_password)
  File "/usr/lib/python2.4/site-packages/cobbler/api.py", line 668, in authenticate
    rc = self.authn.authenticate(self,user,password)
  File "/usr/lib/python2.4/site-packages/cobbler/modules/authn_ldap.py", line 81, in authenticate
    dir = ldap.initialize(uri)
  File "/usr/lib64/python2.4/site-packages/ldap/functions.py", line 85, in initialize
    return LDAPObject(uri,trace_level,trace_file,trace_stack_limit)
  File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 67, in __init__
    self._l = ldap.functions._ldap_function_call(_ldap.initialize,uri)
  File "/usr/lib64/python2.4/site-packages/ldap/functions.py", line 57, in _ldap_function_call
    result = func(*args,**kwargs)

I've successfully run:

ldapsearch -LLL -x -b 'ou=ou1,ou=company,dc=company,dc=com' -D CN=connector,ou=ou1,ou=company,dc=company,dc=com -w password -H ldap://mydcip:389 "sAMAccountName=*" (and uid=*)

Anything I am missing? Frankly I don't know what to do next, any advice will be appreciated.

Thanks in advance,
Alfonso
_______________________________________________
cobbler mailing list
cobbler@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/cobbler
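Both configurations quoted in this thread bind to AD on port 389 with `ldap_tls: 0`, and the working one sets `TLS_REQCERT allow`. The following check is an added example, not part of the thread and not Cobbler's own code; it parses the two files and reports those transport settings. The function names are hypothetical, the sample inputs are constructed from the values in the reply, and it assumes `ldap_tls` is the setting that makes Cobbler request StartTLS before binding.

```python
import re

# Constructed samples: the values quoted in the reply above, placeholders kept.
LDAP_CONF = """\
TLS_CACERT /etc/httpd/ssl/<AD_SERVER_CA_CERT>.cer
TLS_REQCERT allow
REFERRALS on
"""
SETTINGS = """\
ldap_server: "<IP_ADDRESS_AD_SERVER>"
ldap_port: 389
ldap_tls: 0
ldap_anonymous_bind: 0
ldap_search_bind_dn: '<BIND_USER>@<SHORT_DOMAIN>'
"""
TRUTHY = ("1", "true", "yes", "on")

def parse_ldap_conf(text):
    """ldap.conf: 'KEYWORD value' lines, '#' comments, case-insensitive keywords."""
    opts = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            opts[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def parse_settings(text):
    """Flat 'key: value' lines only; enough for the ldap_* keys, not a YAML parser."""
    opts = {}
    for line in text.splitlines():
        m = re.match(r"^(\w+):\s*(.*?)\s*$", line)
        if m:
            opts[m.group(1)] = m.group(2).strip("'\"")
    return opts

def audit(ldap_conf, settings):
    """Return a list of findings about how the LDAP bind is protected in transit."""
    findings = []
    reqcert = ldap_conf.get("TLS_REQCERT", "demand").lower()  # OpenLDAP default: demand
    if reqcert in ("never", "allow"):
        findings.append("TLS_REQCERT %s: an invalid server certificate is accepted" % reqcert)
    # Assumption: ldap_tls is what makes Cobbler request StartTLS before binding.
    port = settings.get("ldap_port", "389")
    if settings.get("ldap_tls", "0").lower() not in TRUTHY and port != "636":
        findings.append("ldap_tls off: bind DN and password cross port %s unencrypted" % port)
    return findings

if __name__ == "__main__":
    for finding in audit(parse_ldap_conf(LDAP_CONF), parse_settings(SETTINGS)):
        print("WARN " + finding)
```

With `ldap_tls: 1` and `TLS_REQCERT demand` against the same CA file, the function returns no findings.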