cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Luc Dion <pd...@cloudops.com>
Subject Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Date Thu, 24 Apr 2014 14:31:43 GMT
We just ran into the same issue from CS 4.2.1 to 4.3, look like just
updating global settings (from previous messages) to:
ldap.username.attribute = sAMAccountName
ldap.user.object  = user

and restart cloudstack-management did resolve the issue in our case. I
haven't test it using SSL yet.




Pierre-Luc Dion
Architecte de Solution Cloud | Cloud Solutions Architect
855-OK-CLOUD (855-652-5683) x1101
- - -

*CloudOps*420 rue Guy
Montréal QC  H3J 1S6
www.cloudops.com
@CloudOps_


On Thu, Apr 10, 2014 at 3:10 AM, Antonio Packery <
Antonio.Packery@t-systems.co.za> wrote:

> Thats the strange bit, i can add the ldap server which in essence means
> the ldap configuration works but when i try to add a user it fails.
>
> Is there any enhanced debugging i can enable to see what happens when the
> ldap bind/list happens?
>
> On 04/10/2014 08:59 AM, Ian Duffy wrote:
>
> No. Email is only required for imported users as we must create a
> cloudstack account for them and that requires an email address.
>
> When you add an ldap server cloudstack attempts to bind to it to validate
> your settings. If the bind fails the server will not add.
> On Apr 10, 2014 7:32 AM, "Antonio Packery" <
> Antonio.Packery@t-systems.co.za><mailto:Antonio.Packery@t-systems.co.za>
> wrote:
>
> > Are there mandatory attributes that need to exist for the
> > ldap.bind.principal account .e.g. email addy etc?
> >
> > On 04/10/2014 08:19 AM, Ian Duffy wrote:
> >
> > Sorry about the delay on replying. My new $dayJob restricts gmail/gapps
> > access.
> >
> > I am not using LDAPS at the moment. I have tested it in 4.3 and
> > confirmed that it worked some time ago though..
> >
> >
> > Disclaimer: This message and/or attachment(s) may contain privileged,
> > confidential and/or personal information. If you are not the intended
> > recipient you may not disclose or distribute any of the information
> > contained within this message. In such case you must destroy this message
> > and inform the sender of the error. T-Systems does not accept liability
> for
> > any errors, omissions, information and viruses contained in the
> > transmission of this message. Any opinions, conclusions and other
> > information contained within this message not related to T-Systems'
> > official business is deemed to be that of the individual only and is not
> > endorsed by T-Systems.
> >
> > This message and/or attachment(s) may contain privileged or confidential
> > information. If you are not the intended recipient you may not disclose
> or
> > distribute any of the information contained within this message. In such
> > case you must destroy this message and inform the sender of the error.
> > T-Systems does not accept liability for any errors, omissions,
> information
> > and viruses contained in the transmission of this message. Any opinions,
> > conclusions and other information contained within this message not
> related
> > to T-Systems' official business is deemed to be that of the individual
> only
> > and is not endorsed by T-Systems.
> >
> > T-Systems - Business Flexibility
> >
>
>
> Disclaimer: This message and/or attachment(s) may contain privileged,
> confidential and/or personal information. If you are not the intended
> recipient you may not disclose or distribute any of the information
> contained within this message. In such case you must destroy this message
> and inform the sender of the error. T-Systems does not accept liability for
> any errors, omissions, information and viruses contained in the
> transmission of this message. Any opinions, conclusions and other
> information contained within this message not related to T-Systems'
> official business is deemed to be that of the individual only and is not
> endorsed by T-Systems.
>
> This message and/or attachment(s) may contain privileged or confidential
> information. If you are not the intended recipient you may not disclose or
> distribute any of the information contained within this message. In such
> case you must destroy this message and inform the sender of the error.
> T-Systems does not accept liability for any errors, omissions, information
> and viruses contained in the transmission of this message. Any opinions,
> conclusions and other information contained within this message not related
> to T-Systems' official business is deemed to be that of the individual only
> and is not endorsed by T-Systems.
>
> T-Systems - Business Flexibility
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message