cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajani Karuturi <Rajani.Karut...@citrix.com>
Subject Re: Unable to fetch Active Directory Users Information !
Date Mon, 07 Jul 2014 09:43:55 GMT
awesome!!

~Rajani



On 07-Jul-2014, at 3:05 pm, Deepak Yadav <deepak.x.u@gmail.com> wrote:

> Thnaks !
> 
> 
> After removing  " " quotes from ldap.basedn and ldap.bind.principal issue
> get resolved !
> 
> 
> On Mon, Jul 7, 2014 at 2:53 PM, Rajani Karuturi <Rajani.Karuturi@citrix.com>
> wrote:
> 
>> Everything seems to be correct. I don't see anything in the logs as well.
>> I am not sure if this is the issue but, can you remove the quotes around
>> basedn and bind.principal and try again?
>> 
>> remove the quotes, remove the ldap server(ip and port) and add again.
>> check the logs to see for any exception.
>> 
>> BTW, when you query the ldap from command line, is it returning users?
>> ldap server should have some users listed under the basedn provided and
>> accessible to bind.principal with bind.password.
>> Can you confirm this by command line query to ldap outside of cloudstack?
>> 
>> 
>> ~Rajani
>> 
>> 
>> 
>> On 07-Jul-2014, at 1:52 pm, Deepak Yadav <deepak.x.u@gmail.com> wrote:
>> 
>>> Hi
>>> 
>>> 
>>> Please find the log and screen shot from this location !
>>> 
>>> https://ci.mindeservices.com/data/
>>> 
>>> 
>>> On Mon, Jul 7, 2014 at 12:49 PM, Rajani Karuturi <
>> Rajani.Karuturi@citrix.com
>>>> wrote:
>>> 
>>>> -e param specifies the encryption type and the default is file. looks
>> like
>>>> it accepts only file and web. i don't know how to specify none there. (I
>>>> use the dev mvn build and its always disabled there)
>>>> 
>>>> ldap integration should work fine even with encryption enabled. if its
>>>> just for sharing the configuration values, can you put the screenshot
>>>> somewhere and share the url?
>>>> 
>>>> if you want to disable encryption for different reasons, please start a
>>>> new thread with correct subject to attract others attention.
>>>> 
>>>> ~Rajani
>>>> 
>>>> 
>>>> 
>>>> On 07-Jul-2014, at 11:53 am, Deepak Yadav <deepak.x.u@gmail.com> wrote:
>>>> 
>>>>> Hi
>>>>> 
>>>>> 
>>>>> When I am again deploying Cloud stack from scratch It automatically use
>>>>> db.cloud.encryption.type=file !
>>>>> 
>>>>> I am using this command while setup new database :
>>>>> cloudstack-setup-databases cloud:PassWord@localhost --deploy-as=root
>>>>> 
>>>>> 
>>>>> On Mon, Jul 7, 2014 at 11:20 AM, Deepak Yadav <deepak.x.u@gmail.com>
>>>> wrote:
>>>>> 
>>>>>> I am getting this out put while executing Api call.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>> 
>> http://localhost:8096/client/api?command=listLdapUsers&listtype=new&response=json&apiKey=bzujkgpBXBoQGQgBf1948nCK3pparYHoYzbStJeGb4LNOCpcYU9OeZlPXNisYAZO7ceF6wSbaD13x45CfZPVgw&signature=TXgt_exc6VMMvjAMYkcrmyP9LfF9URejJbK0RB5IqP6UQ8ngOESmdEjAPNTgBaDUF9BxcPHJ-Nr4AUw0knZbNg
>>>>>> 
>>>>>> OUTPUT :
>>>>>> 
>>>>>> { "ldapuserresponse" : { } }
>>>>>> 
>>>>>> 
>>>>>> On Mon, Jul 7, 2014 at 10:54 AM, Rajani Karuturi <
>>>>>> Rajani.Karuturi@citrix.com> wrote:
>>>>>> 
>>>>>>> On port 8080, you should specify session key. Look for this api
call
>>>> and
>>>>>>> the output in firebug when you are on the add ldap account dialog.
>>>>>>> 
>>>>>>> or you cloud use cloud monkey
>>>>>>> 
>>>> 
>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+cloudmonkey+CLI
>>>>>>> 
>>>>>>> 
>>>>>>> to disable encryption, set db.cloud.encryption.type=none in
>>>> db.properties.
>>>>>>> you will have to redeploy database and do all the configuration
again
>>>>>>> after this.
>>>>>>> 
>>>>>>> 
>>>>>>> to share the config values, either copy paste the values from
the ui
>> or
>>>>>>> put the screenshot somewhere and share the url.
>>>>>>> 
>>>>>>> 
>>>>>>> ~Rajani
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On 07-Jul-2014, at 10:38 am, Deepak Yadav <deepak.x.u@gmail.com
>>>> <mailto:
>>>>>>> deepak.x.u@gmail.com>> wrote:
>>>>>>> 
>>>>>>> I am able to connect both the port from Cloud Server :  389,
3268.
>>>>>>> 
>>>>>>> Still I am not getting any data after removing
>>>>>>> ldap.search.group.principle  from Global Settings.
>>>>>>> 
>>>>>>> I am not able to connect this web URL from my cloud system because
>> this
>>>>>>> 8096 port is not running on my system, When I use my default
port
>> 8080
>>>> I
>>>>>>> am
>>>>>>> getting error " Unable to verify the user credential and or/
request
>>>>>>> Signature.
>>>>>>> 
>>>>>>> And As i know that I am not using any encryption on my system
so
>> please
>>>>>>> let
>>>>>>> me know how can disable and share u required log !
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On Mon, Jul 7, 2014 at 10:11 AM, Rajani Karuturi <
>>>>>>> Rajani.Karuturi@citrix.com<mailto:Rajani.Karuturi@citrix.com>
>>>>>>> wrote:
>>>>>>> 
>>>>>>> looks like you have encryption enabled. hence, I wasn't able
to read
>>>> the
>>>>>>> configuration table values.
>>>>>>> 
>>>>>>> few observations:
>>>>>>> Are you able to connect to your ldap server on port 389 outside
>>>>>>> cloudstack?? the default port of AD is 3268
>>>>>>> 
>>>>>>> ldap.search.group.principle is not a compulsory field. its just
a way
>>>> to
>>>>>>> limit this users to only that group. you can remove that and
try.
>>>>>>> 
>>>>>>> Can you check the listldapusers api call output?
>>>>>>> 
>>>>>>> 
>>>> 
>> http://localhost:8096/client/api?command=listLdapUsers&listtype=new&response=json
>>>>>>> May be you are hitting this UI Issue?
>>>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-6487
>>>>>>> 
>>>>>>> if none of this helps, share the unencrypted configuration values.
>>>>>>> 
>>>>>>> ~Rajani
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On 07-Jul-2014, at 9:51 am, Deepak Yadav <deepak.x.u@gmail.com
>> <mailto:
>>>>>>> deepak.x.u@gmail.com><mailto:
>>>>>>> deepak.x.u@gmail.com<mailto:deepak.x.u@gmail.com>>>
wrote:
>>>>>>> 
>>>>>>> Thnaks for your response !
>>>>>>> 
>>>>>>> 
>>>>>>> Please find the attached output of the command.
>>>>>>> 
>>>>>>> 
>>>>>>> On Mon, Jul 7, 2014 at 9:45 AM, Rajani Karuturi <
>>>>>>> Rajani.Karuturi@citrix.com<mailto:Rajani.Karuturi@citrix.com
>>> <mailto:
>>>>>>> Rajani.Karuturi@citrix.com>> wrote:
>>>>>>> images are stripped.
>>>>>>> 
>>>>>>> Can you share the output of following two queries?
>>>>>>> mysql> select * from ldap_configuration;
>>>>>>> mysql> select * from configuration where name like '%ldap%';
>>>>>>> 
>>>>>>> ~Rajani
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> On 07-Jul-2014, at 9:24 am, Deepak Yadav <deepak.x.u@gmail.com
>> <mailto:
>>>>>>> deepak.x.u@gmail.com><mailto:
>>>>>>> deepak.x.u@gmail.com<mailto:deepak.x.u@gmail.com>>>
wrote:
>>>>>>> 
>>>>>>> Hi,
>>>>>>> 
>>>>>>> 
>>>>>>> I want to join my cloud stack application to Active Directory
LDAP to
>>>> get
>>>>>>> user !
>>>>>>> 
>>>>>>> I am following this Blog to configure my LDAP settings !
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>> 
>> http://shapeblue.com/cloudstack/using-cloudstack-4-3-with-microsoft-active-directory/
>>>>>>> 
>>>>>>> But I am unable to fetch user account from my LDAP data. I am
also
>>>>>>> attaching screen shot of my Configuration !
>>>>>>> 
>>>>>>> Please let me know the correct way to configure LDAP in cloud
stack !
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Thanks & Regards
>>>>>>> Deepak Yadav
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Thanks & Regards
>>>>>>> Deepak Yadav
>>>>>>> M +91  9015150337 |
>>>>>>> E  Deepak.yadav@mind-infotech.com<mailto:
>>>> Deepak.yadav@mind-infotech.com
>>>>>>>> <mailto:Deepak.yadav@mind-infotech.com>
>>>>>>> | www.mind-infotech.com<http://www.mind-infotech.com/><
>>>>>>> http://www.mind-infotech.com/> |
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Thanks & Regards
>>>>>>> Deepak Yadav
>>>>>>> M +91  9015150337 |
>>>>>>> E  Deepak.yadav@mind-infotech.com<mailto:
>>>> Deepak.yadav@mind-infotech.com
>>>>>>>> <mailto:Deepak.yadav@mind-infotech.com>
>>>>>>> | www.mind-infotech.com<http://www.mind-infotech.com/><
>>>>>>> http://www.mind-infotech.com/> |
>>>>>>> 
>>>>>>> 
>>>>>>> <output.txt>
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Thanks & Regards
>>>>>>> Deepak Yadav
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> Thanks & Regards
>>>>>> Deepak Yadav
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> --
>>>>> Thanks & Regards
>>>>> Deepak Yadav
>>>>> M +91  9015150337 |
>>>>> E  Deepak.yadav@mind-infotech.com | www.mind-infotech.com |
>>>> 
>>>> 
>>> 
>>> 
>>> --
>>> Thanks & Regards
>>> Deepak Yadav
>>> M +91  9015150337 |
>>> E  Deepak.yadav@mind-infotech.com | www.mind-infotech.com |
>> 
>> 
> 
> 
> -- 
> Thanks & Regards
> Deepak Yadav
> M +91  9015150337 |
> E  Deepak.yadav@mind-infotech.com | www.mind-infotech.com |


Mime
View raw message