On 6 February 2013 14:15, Vassilis Vatikiotis <vatik...@iit.demokritos.gr> wrote: > Hello all, > > I'm trying to enable the LDAP auth method so my users can login to > OCCI web UI and although I've followed the steps from the docs in ONE > site so far I haven;t managed it. > > The /etc/one/oned.conf AUTH_MAD section is: > AUTH_MAD = [ > executable = "one_auth_mad", > authn = "ssh,x509,ldap,default,server_cipher,server_x509" > ] > > The /etc/one/auth/ldap_auth.conf is: > server 1: > :user: 'cn=xxx,ou=xxxx,dc=xxx,dc=xxx,dc=xxx' > :password: 'xxxx' > :auth_method: :simple > :host: 'ldap.xxx.xxx.xxx' > :port: 389 > :base: 'ou=xxx,dc=xxx,dc=xxx,dc=xxx' > :user_field: 'uid' > > :order: > - server 1 > > The above ldap setting work as I've tested them inside irb, using the > ruby class defined in /etc/lib/one/ruby/ldap_auth.rb. I can search my > LDAP database and get results > > I've also copied the ldap directory to a default one, like, > $ cp -R /var/lib/one/remotes/auth/ldap /var/lib/one/remotes/auth/default > > What puzzles me is that whenever I try to login to OCCI (or sunstone) > I cannot see any auth related queries in /var/log/one/oned.log. It's > as if the ldap and default settings in authn of AUTH_MAD are completly > ignored. At the same time, no queries are performed in the LDAP > backend. > > I haven't done the last step where a $HOME/.one/one_auth file > containing a user_dn:password > entry cause I'm unsure of what it means. > > Any ideas?
You have to change the ":auth" parameter in occi-server.conf and sunstone-server-conf to use the 'opennebula' auth method. After the first login the user will be created in OpenNebula. http://opennebula.org/documentation:rel3.8:sunstone#opennebula_auth Cheers -- Daniel Molina Project Engineer OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula _______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org