cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-10239) User LDAP authentication not working in UI (but works via API)
Date Fri, 26 Jan 2018 12:13:00 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16340973#comment-16340973
] 

ASF subversion and git services commented on CLOUDSTACK-10239:
--------------------------------------------------------------

Commit 6aadbc521950964b86d2912c874800cead1b7496 in cloudstack's branch refs/heads/master from
[~dahn]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=6aadbc5 ]

CLOUDSTACK-10239: Fallback to default provider if needed (#2430)

Fallback to default provider if needed.

> User LDAP authentication not working in UI (but works via API)
> --------------------------------------------------------------
>
>                 Key: CLOUDSTACK-10239
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10239
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.11.0.0
>         Environment: CentOS 7, KVM, MSAD
>            Reporter: Jean-Francois Nadeau
>            Assignee: Daan Hoogland
>            Priority: Major
>
> hi,
> I setup LDAP authentication with the microsoft AD ldap provider and get different behaviors
in the UI vs using the API (cs python cli)
> Through the UI,  I can see the list of our AD users using the "Add ldap account" action
but selecting a user and adding it returns there are no username by that name:
> INFO  [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) (logid:89c8c538)
No LDAP user exists with the username of <user>
>  
> Doing the same thing from though CLI works fine:
> $ cs ldapCreateAccount username=markp accounttype=1 account=admin
>  ...
> {
>  "account": "admin", 
>  "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706", 
>  "accounttype": 1, 
>  "created": "2018-01-18T19:21:31+0000", 
>  "domain": "ROOT", 
>  "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706", 
> "firstname": "Mark", 
>  "id": "5ed90ce8-5c54-4f72-8579-639947f5c368", 
>  "iscallerchilddomain": false, 
>  "isdefault": false, 
>  "lastname": "p", 
>  "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706", 
>  "rolename": "Root Admin", 
>  "roletype": "Admin", 
>  "state": "enabled", 
>  "username": "markp", 
>  "usersource": "ldap"
>  }
>  
> Also,  once this user is added,  he can not login in the UI using his LDAP credentials
with the same error in the ms logs.  Then,  if i generate keys for that same admin user, 
he can use the API without problems.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message