Hi, I have just gotten past the issue with the master not starting or restarting. It starts now. But I am trying to log in with an AD account and receive "Authentication Error Occurred". Not sure what the syntax should be. I try domain\username and username@domain.local, or just username.

Mark Werner | Senior Systems Engineer | Cloud & Infrastructure Services
Unisys | mark.wer...@unisys.com

From: Rodrigo Bersa [mailto:rbe...@redhat.com]
Sent: Wednesday, July 12, 2017 3:00 PM
To: Javier Palacios <jpalac...@net4things.com>
Cc: Werner, Mark <mark.wer...@unisys.com>; users@lists.openshift.redhat.com
Subject: Re: OpenShift Origin Active Directory Authentication

Hi Mark,

I believe maybe the syntax is not right. Could you try this?

oauthConfig:
  assetPublicURL: https://master.domain.local:8443/console/
  grantConfig:
    method: auto
  identityProviders:
  - challenge: true
    login: true
    mappingMethod: claim
    name: Active_Directory
    provider:
      apiVersion: v1
      kind: LDAPPasswordIdentityProvider
      attributes:
        id:
        - dn
        email:
        - mail
        name:
        - cn
        preferredUsername:
        - uid
      bindDN: "cn=openshift,cn=users,dc=domain,dc=local"
      bindPassword: "password"
      insecure: true
      url: ldap://dc.domain.local:389/cn=users,dc=domain,dc=local?uid
  masterPublicURL: https://master.domain.local:8443
  masterURL: https://master.domain.local:8443

Best regards,

Rodrigo Bersa
Cloud Consultant, RHCVA, RHCE
Red Hat Brasil
rbe...@redhat.com

On Wed, Jul 12, 2017 at 2:15 PM, Javier Palacios <jpalac...@net4things.com> wrote:

> I did try sAMAccountName at first and was getting the same results. Then I
> had read that variable was for older Windows machines so I tried uid as that
> was the other example I saw.

The relevant part of my master-config.yaml is below, and apart from using ldaps, I don't see any other difference. If the uid attribute is valid on your schema, then yours seems ok.

Javier Palacios

identityProviders:
- challenge: true
  login: true
  mappingMethod: claim
  name: n4tdc1
  provider:
    apiVersion: v1
    attributes:
      email:
      - mail
      id:
      - dn
      name:
      - cn
      preferredUsername:
      - sAMAccountName
    bindDN: CN=openshift,OU=N4T-USERS,dc=net4things,dc=local
    bindPassword: ********
    ca: ad-ldap-ca.crt
    insecure: false
    kind: LDAPPasswordIdentityProvider
    url: ldaps://n4tdc1.net4things.local/dc=net4things,dc=local?sAMAccountName

_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
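
An added example (not written by anyone in the thread, and not OpenShift's own code): it breaks down the url field of the two configs posted above and shows the search filter that results from each login-name form Mark tried, plus how the credentials travel for each url/insecure pair. It assumes the (&(filter)(attribute=username)) combination, the uid/sub/(objectClass=*) defaults and the meaning of insecure as described in the OpenShift LDAP identity provider documentation; all function names are hypothetical.

```python
from urllib.parse import urlsplit, unquote

# RFC 4515 escaping for a value placed inside an LDAP search filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_filter_value(value):
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def parse_provider_url(url):
    """Split ldap[s]://host[:port]/basedn?attribute?scope?filter (RFC 2255 style)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("scheme must be ldap or ldaps: %r" % url)
    fields = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "scheme": parts.scheme,
        "host": parts.hostname,
        "port": parts.port or (636 if parts.scheme == "ldaps" else 389),
        "base_dn": unquote(parts.path.lstrip("/")),
        # Assumed defaults (from the provider documentation): uid, sub, (objectClass=*).
        "attribute": fields[0].split(",")[0] or "uid",
        "scope": fields[1] or "sub",
        "filter": unquote(fields[2]) or "(objectClass=*)",
    }

def login_filter(url, username):
    """Filter the master would search with for the name typed at the login prompt."""
    cfg = parse_provider_url(url)
    return "(&%s(%s=%s))" % (cfg["filter"], cfg["attribute"], escape_filter_value(username))

def transport(url, insecure):
    """How the bind password and user passwords travel for this url/insecure pair."""
    scheme = parse_provider_url(url)["scheme"]
    if insecure:
        if scheme == "ldaps":
            raise ValueError("insecure: true cannot be combined with an ldaps:// url")
        return "cleartext"
    return "ldaps" if scheme == "ldaps" else "starttls"

if __name__ == "__main__":
    # URLs are the two from the thread; the login names are the forms Mark tried.
    mark = "ldap://dc.domain.local:389/cn=users,dc=domain,dc=local?uid"
    javier = "ldaps://n4tdc1.net4things.local/dc=net4things,dc=local?sAMAccountName"
    for name in ("username", "domain\\username", "username@domain.local"):
        print(login_filter(javier, name))
    print(transport(mark, True), transport(javier, False))
```

The name typed at the prompt is matched literally against the single attribute named in the url, so the backslash and @ forms are searched as-is rather than split into domain and account.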