From issues-return-89409-archive-asf-public=cust-asf.ponee.io@cloudstack.apache.org Wed Jan 24 19:00:13 2018 Return-Path: X-Original-To: archive-asf-public@eu.ponee.io Delivered-To: archive-asf-public@eu.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by mx-eu-01.ponee.io (Postfix) with ESMTP id 85444180630 for ; Wed, 24 Jan 2018 19:00:13 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 76339160C4E; Wed, 24 Jan 2018 18:00:13 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id BBD30160C39 for ; Wed, 24 Jan 2018 19:00:12 +0100 (CET) Received: (qmail 73504 invoked by uid 500); 24 Jan 2018 18:00:06 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 73495 invoked by uid 500); 24 Jan 2018 18:00:06 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 73492 invoked by uid 99); 24 Jan 2018 18:00:06 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Jan 2018 18:00:06 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 79C5D1A0C18 for ; Wed, 24 Jan 2018 18:00:06 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.911 X-Spam-Level: X-Spam-Status: No, score=-99.911 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id AEzOEEHyLmrB for ; Wed, 24 Jan 2018 18:00:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 5DDF55F590 for ; Wed, 24 Jan 2018 18:00:01 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id CC5F4E0F6E for ; Wed, 24 Jan 2018 18:00:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 64736240FA for ; Wed, 24 Jan 2018 18:00:00 +0000 (UTC) Date: Wed, 24 Jan 2018 18:00:00 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CLOUDSTACK-10239) User LDAP authentication not working in UI (but works via API) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-10239?page=3Dcom.atl= assian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId= =3D16337987#comment-16337987 ]=20 ASF GitHub Bot commented on CLOUDSTACK-10239: --------------------------------------------- rhtyd commented on a change in pull request #2430: CLOUDSTACK-10239 default= provider if needed URL: https://github.com/apache/cloudstack/pull/2430#discussion_r163627731 =20 =20 ########## File path: plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/= command/LinkDomainToLdapCmd.java ########## @@ -54,11 +54,11 @@ @Parameter(name =3D ApiConstants.TYPE, type =3D CommandType.STRING, re= quired =3D true, description =3D "type of the ldap name. GROUP or OU") private String type; =20 - @Parameter(name =3D ApiConstants.LDAP_DOMAIN, type =3D CommandType.STR= ING, required =3D true, description =3D "name of the group or OU in LDAP") + @Parameter(name =3D ApiConstants.LDAP_DOMAIN, type =3D CommandType.STR= ING, required =3D false, description =3D "name of the group or OU in LDAP") private String ldapDomain; =20 @Deprecated - @Parameter(name =3D ApiConstants.NAME, type =3D CommandType.STRING, re= quired =3D true, description =3D "name of the group or OU in LDAP") + @Parameter(name =3D ApiConstants.NAME, type =3D CommandType.STRING, re= quired =3D false, description =3D "name of the group or OU in LDAP") =20 Review comment: Same as previous comment ^^ ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. =20 For queries about this service, please contact Infrastructure at: users@infra.apache.org > User LDAP authentication not working in UI (but works via API) > -------------------------------------------------------------- > > Key: CLOUDSTACK-10239 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-102= 39 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the defa= ult.)=20 > Components: Management Server > Affects Versions: 4.11.0.0 > Environment: CentOS 7, KVM, MSAD > Reporter: Jean-Francois Nadeau > Assignee: Daan Hoogland > Priority: Major > > hi, > I setup LDAP authentication with the microsoft AD ldap provider and=C2=A0= get different behaviors in the UI vs using the API (cs python cli) > Through the UI,=C2=A0 I can see the list of our AD users using the "Add l= dap account" action but selecting a user and adding=C2=A0it=C2=A0returns th= ere are no username by that name: > INFO=C2=A0 [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) = (logid:89c8c538) No LDAP user exists with the username of > =C2=A0 > Doing the same thing from though CLI works fine: > $ cs ldapCreateAccount username=3Dmarkp accounttype=3D1 account=3Dadmin > =C2=A0... > { > "account": "admin",=20 > "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706",=20 > "accounttype": 1,=20 > "created": "2018-01-18T19:21:31+0000",=20 > "domain": "ROOT",=20 > "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706",=20 > "firstname": "Mark",=20 > "id": "5ed90ce8-5c54-4f72-8579-639947f5c368",=20 > "iscallerchilddomain": false,=20 > "isdefault": false,=20 > "lastname": "p",=20 > "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706",=20 > "rolename": "Root Admin",=20 > "roletype": "Admin",=20 > "state": "enabled",=20 > "username": "markp",=20 > "usersource": "ldap" > } > =C2=A0 > Also,=C2=A0 once this user is added,=C2=A0 he can not login in the UI usi= ng his LDAP credentials with the same error in the ms logs.=C2=A0 Then,=C2= =A0 if i generate keys for that same admin user,=C2=A0 he can use the API w= ithout problems. > =C2=A0 -- This message was sent by Atlassian JIRA (v7.6.3#76005)