incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chip Childers <chip.child...@sungard.com>
Subject Re: [ACS4.2] LDAP UI
Date Thu, 14 Feb 2013 15:01:31 GMT
On Thu, Feb 14, 2013 at 12:23:16PM +0530, Pranav Saxena wrote:
> Abhi,
> 
> I just completed the front end for configuring LDAP . You can see the screenshots attached
with this ticket - https://issues.apache.org/jira/browse/CLOUDSTACK-1271
> 
> Let me know if this looks ok to you . 

+1 looks good to me

> 
> 
> Regards,
> Pranav
> -----Original Message-----
> From: Pranav Saxena [mailto:pranav.saxena@citrix.com] 
> Sent: Thursday, February 14, 2013 11:39 AM
> To: cloudstack-dev@incubator.apache.org
> Cc: Musayev, Ilya
> Subject: RE: [ACS4.2] LDAP UI
> 
> Sure David . That's right , with the default port for LDAP over SSL set to  636  and
the default port for the LDAP server being 389  , I guess . 
> 
> -----Original Message-----
> From: David Nalley [mailto:david@gnsa.us]
> Sent: Thursday, February 14, 2013 11:30 AM
> To: cloudstack-dev@incubator.apache.org
> Cc: Musayev, Ilya
> Subject: Re: [ACS4.2] LDAP UI
> 
> On Thu, Feb 14, 2013 at 12:51 AM, Pranav Saxena <pranav.saxena@citrix.com> wrote:
> > To configure LDAP  , we need to pass in few multiple mandatory 
> > parameters -
> >
> > hostname        Hostname or ip address of the ldap server eg: my.ldap.com
> > queryfilter     You specify a query filter here, which narrows down the users, who
can be part of this domain.
> > searchbase      The search base defines the starting point for the search in the
directory tree
> >
> > If you are referring to Global settings , that can be done but then we'll have to
have three Ldap config parameters there . if that is a good design to handle this , then yes
we can do that. Perhaps , the idea is to have a single dialog box where a user could supply
three values and configure and debug them if something goes wrong.
> 
> 
> Those are the mandatory API inputs for CloudStack.
> But almost all environments will require username/password for binding at a minimum,
and you should probably, and prolly offer the SSL option as well. Port should probably be
an option too.
> 
> Without at least bind creds, the API configuration is practically useless on any modern
LDAP server.
> 
> --David
> 

Mime
View raw message