openmeetings-user mailing list archives

From Bart Coninckx <bart.conin...@telenet.be>
Subject Re: LDAP authentication against eDirectory issue
Date Wed, 30 Jan 2013 11:57:01 GMT
OK - this thing is driving me crazy. After scavenging the mailing lists 
for several hours and doing numerous attempts to get it working, nothing 
seems to help.
I suspect something is missing for OM to be able to create the LDAP user 
in its local database. While manually inserting a user, I get the 
question to which user group the user will belong.
This membership is not investigated while doing an LDAP search, so the 
problem might be there.

Does anyone have any clue on why the logfile reports the LDAP being 
created successfully, while it's not? The same problem exists for 
OpenLDAP as for eDirectory, so I'm guessing it's not related to the LDAP 
config.

Cheers,

BC


On 01/29/13 22:55, Bart Coninckx wrote:
> Weird - I tried with openldap and I get the same phenomenon.
>
> :-s
>
>
> thx,
>
> BC
>
> On 01/29/13 20:21, Bart Coninckx wrote:
>> two additions:
>>
>> - I added "ldap_user_attr_language_id=Language" to no avail
>> - eDir wants to have the user login name ALWAYS in capitals, no matter 
>> how ldap_use_lower_case is defined.
>>
>>
>> BC
>>
>>
>>
>> On 01/29/13 19:59, Bart Coninckx wrote:
>>> Hi again,
>>>
>>> The next step for me was enabling LDAP auth.
>>> This produces errors however:
>>>
>>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 242 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LdapLoginmanagement.doLdapLogin
>>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 198 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LdapLoginmanagement.getLdapConfigData
>>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 217 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LdapLoginmanagement.readConfig : 
>>> /data/openmeetings/webapps/openmeetings/conf/edir.ldap.cfg
>>> DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231 138 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> isValidAuthType
>>> DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231 382 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> Searching userdata with LDAP Search Filter :(uid=BC)
>>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 84 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - LdapAuthBase
>>> DEBUG 01-29 19:52:49.163 LdapLoginManagement.java 204232 393 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> authenticating admin...
>>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 101 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>>> authenticateUser
>>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 117 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>>>
>>> Authentification to LDAP - Server start
>>> DEBUG 01-29 19:52:49.164 LdapAuthBase.java 204233 151 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>>> loginToLdapServer
>>> DEBUG 01-29 19:52:49.167 LdapLoginManagement.java 204236 396 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> Checking server type...
>>> DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237 400 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LDAP server is OpenLDAP
>>> DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237 401 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LDAP search base: OU=tu,O=be
>>> DEBUG 01-29 19:52:49.173 LdapLoginManagement.java 204242 407 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> Authentication with DN: cn=BC,ou=ICT,OU=tu,O=be
>>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 101 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>>> authenticateUser
>>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 117 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>>>
>>> Authentification to LDAP - Server start
>>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 151 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>>> loginToLdapServer
>>> DEBUG 01-29 19:52:49.177 Usermanagement.java 204246 1556 
>>> org.openmeetings.app.data.user.Usermanagement [NioProcessor-18] - 
>>> Usermanagement.getUserByLogin : BC
>>> DEBUG 01-29 19:52:49.202 LdapLoginManagement.java 204271 442 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> user doesnt exist local -> create new
>>> DEBUG 01-29 19:52:49.203 LdapAuthBase.java 204272 174 
>>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - getData
>>> DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277 495 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> Synching Ldap user to OM DB with RANDOM password: brghzu36ohpp
>>> DEBUG 01-29 19:52:49.209 LdapLoginManagement.java 204278 592 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> LdapLoginmanagement.createUserFromLdapData
>>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 727 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> User Created!
>>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 504 
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>>> New User ID : -13
>>> DEBUG 01-29 19:52:49.307 Sessionmanagement.java 204376 176 
>>> org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-18] 
>>> - updateUser User: -13 || d1b0316797f91a46c08a392d071a790d
>>> DEBUG 01-29 19:52:49.311 Sessionmanagement.java 204380 196 
>>> org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-18] 
>>> - Found session to update: d1b0316797f91a46c08a392d071a790d userId: -13
>>> DEBUG 01-29 19:52:49.315 Usermanagement.java 204384 1505 
>>> org.openmeetings.app.data.user.Usermanagement [NioProcessor-18] - 
>>> Usermanagement.getUserById
>>> [INFO] [NioProcessor-18] 
>>> org.red5.server.net.rtmp.codec.RTMPProtocolDecoder - Action 
>>> errorservice.getErrorByCode
>>> DEBUG 01-29 19:52:49.627 ErrorService.java 204696 60 
>>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - 
>>> errorid, language_id: -1|1
>>> DEBUG 01-29 19:52:49.632 ErrorService.java 204701 64 
>>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - 
>>> eValues.getFieldvalues_id() = 334
>>> DEBUG 01-29 19:52:49.636 ErrorService.java 204705 66 
>>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - 
>>> eValues.getErrorType() = 
>>> org.openmeetings.app.persistence.beans.basic.ErrorType@32b1a562
>>>
>>> As far as I can tell, OM is effectively able to authenticate the 
>>> user and adds it to its own database.
>>> However, when I check the DB, there's no new user, just the local admin.
>>>
>>> This is OM 2.0 and this is the config file:
>>>
>>> ldap_server_type=OpenLDAP
>>> ldap_conn_url=ldap://cluster2fs.dafra.be:389
>>> ldap_admin_dn=CN:admin,O:be
>>> ldap_passwd=nononono_you_can_not_have_this
>>> ldap_search_base=OU:tu,O:be
>>> field_user_principal=uid
>>> ldap_auth_type=SIMPLE
>>> ldap_use_lower_case=true
>>> #ldap_user_timezone=timezone
>>> ldap_sync_password_to_om=no
>>> ldap_user_attr_lastname=sn
>>> ldap_user_attr_firstname=givenName
>>> ldap_user_attr_mail=mail
>>> ldap_user_attr_street=street
>>> ldap_user_attr_additionalname=description
>>> ldap_user_attr_fax=facsimileTelephoneNumber
>>> ldap_user_attr_zip=postalCode
>>> ldap_user_attr_country=co
>>> ldap_user_attr_town=city
>>> ldap_user_attr_phone=telephoneNumber
>>> ldap_user_attr_language=Language
>>>
>>> I used this documentation (which is rather brief):
>>> http://incubator.apache.org/openmeetings/LdapAndADS.html
>>>
>>>
>>> The config file I assembled both from the sample file and a mailing 
>>> post.
>>> I'm able to trace LDAP calls on the eDir server and nothing funny 
>>> happens there. The search is done for the user, without any 
>>> attributes however, so eDir sends them all.
>>>
>>> Anyone a small hint?
>>>
>>> cheers,
>>>
>>> BC
>>>
>>>
>>>
>>>
>>>
>>
>
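
An added example, not part of the original thread or of OpenMeetings: a Python check over log records shaped like the ones quoted above, flagging a "User Created!" record that is followed by a non-positive "New User ID", and any record that writes a password into the log. The sample records are constructed, and treating a non-positive ID as a failed insert is an assumption based only on the symptom described in this thread.

```python
import re

# Constructed sample in the shape of the quoted log, including the ">>>"
# mail quoting and the line folding added by the archive. The password
# value is a placeholder, not taken from any real system.
SAMPLE = """\
>>> DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277 495
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] -
>>> Synching Ldap user to OM DB with RANDOM password: EXAMPLE-NOT-REAL
>>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 727
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] -
>>> User Created!
>>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 504
>>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] -
>>> New User ID : -13
"""

RECORD_START = re.compile(r"^(DEBUG|INFO|WARN|ERROR|\[INFO\])\s")

def unwrap(text):
    """Strip mail quoting and rejoin records folded across several lines."""
    records = []
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def audit(text):
    """Return (finding, timestamp) pairs; secret values are never returned."""
    findings, created_at = [], None
    for rec in unwrap(text):
        ts = " ".join(rec.split()[1:3])
        msg = rec.split(" - ", 1)[-1]
        if re.search(r"password\s*:\s*\S+", msg, re.I):
            findings.append(("secret-in-log", ts))
        if msg.startswith("User Created!"):
            created_at = ts
        m = re.match(r"New User ID\s*:\s*(-?\d+)", msg)
        if m:
            # Assumption: a real database key is a positive integer.
            if int(m.group(1)) <= 0 and created_at:
                findings.append(("create-reported-but-id=" + m.group(1), ts))
            created_at = None
    return findings
```
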

