Hello Shinichi, On 12-Mar-13 3:15 PM, Shinichi Kai wrote:
Hello Rumi,I set LDAP Authentication "enabled" on an imported user and tried to log in to Virtuoso with isql. However, I got "CL034: Bad login" error and Virtuoso did not make any LDAP requests to the LDAP server. I checked this by looking at the LDAP server log file. Do you have any ideas what causes this behavior? Am I missing something?
By default when importing users, they have setting "User type" set to "WebDAV". You can check this from Virtuoso Conductor->System Admin->User Accounts->your-user Edit ->field "User type".
Here is what you should do in order to be able to log in into iSQL with your user imported from a given LDAP server:
1) Make sure you have set in Virtuoso ini the SQL_ENCRYPTION_ON_PASSWORD parameter to 1 in the [Client] section, i.e.:
;virtuoso.ini .... [Client] SQL_ENCRYPTION_ON_PASSWORD = 1 ...2) Set the "User type" of the imported LDAP user to be "SQL/ODBC" -- Virtuoso Conductor->System Admin->User Accounts->your-user Edit ->field "User type".
3) Log in into iSQL: isql host:port user-name user-password We shortly will update our doc to reflect the steps from above. Best Regards, Rumi
My environment is following: - Cent OS 6.3 64bit - Virtuoso Open-Source Edition v6.1.6 (http://sourceforge.net/projects/virtuoso/files/virtuoso/6.1.6/virtuoso-opensource-6.1.6.tar.gz/download) - Open LDAP 2.4.23 Regards, Shinichi On Tue, Mar 12, 2013 at 12:16 AM, Rumi <[email protected]> wrote:Hello Kai, On 11-Mar-13 3:32 PM, Shinichi Kai wrote:Hello Rumi, Thank you for your prompt reply.for ex. if "enabled", user will be able to perform LDAP Authentication etc.How do I perform LDAP Authentication during login to Virtuoso (e.g. isql or sparql-auth endpoint, etc.)? I enabled LDAP Authentication on an already imported user and tried to login to isql with the imported user, but I got "CL034: Bad login" error. If I disable LDAP Authentication on the imported user, I successfully login to isql with the imported user. I believe that I am able to perform LDAP Authentication by utilizing procedures and ldap_search() function described here (http://docs.openlinksw.com/virtuoso/databaseadmsrv.html#usermodel). What does Virtuoso actually do when LDAP Authentication is set to "enabled" in the Conductor's Editing Account? And, what if LDAP Authentication is set to "account check"?-- if set to "enabled", then on an attempt to log in into Virtuoso, the system tries to log in into the LDAP server with the given username and password. If this succeeds, then the user logs in successfully in Virtuoso. -- if set to "account check", then on an attempt to log in into Virtuoso, the system performs a check if there is such an user on the LDAP server. If yes, then the user logs in successfully in Virtuoso. Best Regards, RumiI searched the documentation for this feature but I couldn't find it. Do I have a misunderstanding about Virtuoso's LDAP Authentication feature? Regards, Shinichi On Mon, Mar 11, 2013 at 2:24 AM, Rumi <[email protected]> wrote:Hello Kai, On 10-Mar-13 4:03 AM, Kai Shinichi wrote: Hello experts, I installed Virtuoso Open-Source Edition v6.1.6 and successfully imported users by "LDAP Import" in Virtuoso Conductor. When I imported users in Virtuoso Conductor, I saw "LDAP Authentication" pull-down menu in "Map LDAP Search data" screen but I couldn't find any documentation for this pull-down menu. Is there any useful documentation for that? The LDAP Authentication drop-down values are respectively: disabled, enabled, account check. Depending on what was selected for a desired user to be imported, this will be added as an LDAP Authentication value for the user in question to the Virtuoso DB. You can check for an already imported user from Virtuoso Conductor -> System Admin -> User Accounts -> User (Edit)-> "LDAP Authentication", for ex. if "enabled", user will be able to perform LDAP Authentication etc. Best Regards, Rumi Regards, Shinichi ------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev _______________________________________________ Virtuoso-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/virtuoso-users------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev _______________________________________________ Virtuoso-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/virtuoso-users------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev _______________________________________________ Virtuoso-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/virtuoso-users
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________ Virtuoso-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/virtuoso-users
