cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-10239) User LDAP authentication not working in UI (but works via API)
Date Fri, 26 Jan 2018 12:03:00 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16340962#comment-16340962
] 

ASF GitHub Bot commented on CLOUDSTACK-10239:
---------------------------------------------

rhtyd commented on issue #2430: CLOUDSTACK-10239 default provider if needed
URL: https://github.com/apache/cloudstack/pull/2430#issuecomment-360767857
 
 
   Test LGTM, most of the the failures were caused by a fake public IP range added by test_public_ip_range.py
that failed download urls for iso/volume/template.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> User LDAP authentication not working in UI (but works via API)
> --------------------------------------------------------------
>
>                 Key: CLOUDSTACK-10239
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10239
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.11.0.0
>         Environment: CentOS 7, KVM, MSAD
>            Reporter: Jean-Francois Nadeau
>            Assignee: Daan Hoogland
>            Priority: Major
>
> hi,
> I setup LDAP authentication with the microsoft AD ldap provider and get different behaviors
in the UI vs using the API (cs python cli)
> Through the UI,  I can see the list of our AD users using the "Add ldap account" action
but selecting a user and adding it returns there are no username by that name:
> INFO  [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) (logid:89c8c538)
No LDAP user exists with the username of <user>
>  
> Doing the same thing from though CLI works fine:
> $ cs ldapCreateAccount username=markp accounttype=1 account=admin
>  ...
> {
>  "account": "admin", 
>  "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706", 
>  "accounttype": 1, 
>  "created": "2018-01-18T19:21:31+0000", 
>  "domain": "ROOT", 
>  "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706", 
> "firstname": "Mark", 
>  "id": "5ed90ce8-5c54-4f72-8579-639947f5c368", 
>  "iscallerchilddomain": false, 
>  "isdefault": false, 
>  "lastname": "p", 
>  "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706", 
>  "rolename": "Root Admin", 
>  "roletype": "Admin", 
>  "state": "enabled", 
>  "username": "markp", 
>  "usersource": "ldap"
>  }
>  
> Also,  once this user is added,  he can not login in the UI using his LDAP credentials
with the same error in the ms logs.  Then,  if i generate keys for that same admin user, 
he can use the API without problems.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message