cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-10239) User LDAP authentication not working in UI (but works via API)
Date Thu, 25 Jan 2018 08:58:00 GMT


ASF GitHub Bot commented on CLOUDSTACK-10239:

DaanHoogland commented on issue #2430: CLOUDSTACK-10239 default provider if needed
   as it is a backwards compatibility issue, i am marking this as a blocker. happy to discuss

This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

> User LDAP authentication not working in UI (but works via API)
> --------------------------------------------------------------
>                 Key: CLOUDSTACK-10239
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions:
>         Environment: CentOS 7, KVM, MSAD
>            Reporter: Jean-Francois Nadeau
>            Assignee: Daan Hoogland
>            Priority: Major
> hi,
> I setup LDAP authentication with the microsoft AD ldap provider and get different behaviors
in the UI vs using the API (cs python cli)
> Through the UI,  I can see the list of our AD users using the "Add ldap account" action
but selecting a user and adding it returns there are no username by that name:
> INFO  [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) (logid:89c8c538)
No LDAP user exists with the username of <user>
> Doing the same thing from though CLI works fine:
> $ cs ldapCreateAccount username=markp accounttype=1 account=admin
>  ...
> {
>  "account": "admin", 
>  "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706", 
>  "accounttype": 1, 
>  "created": "2018-01-18T19:21:31+0000", 
>  "domain": "ROOT", 
>  "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706", 
> "firstname": "Mark", 
>  "id": "5ed90ce8-5c54-4f72-8579-639947f5c368", 
>  "iscallerchilddomain": false, 
>  "isdefault": false, 
>  "lastname": "p", 
>  "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706", 
>  "rolename": "Root Admin", 
>  "roletype": "Admin", 
>  "state": "enabled", 
>  "username": "markp", 
>  "usersource": "ldap"
>  }
> Also,  once this user is added,  he can not login in the UI using his LDAP credentials
with the same error in the ms logs.  Then,  if i generate keys for that same admin user, 
he can use the API without problems.

This message was sent by Atlassian JIRA

View raw message