openmeetings-user mailing list archives

From Bart Coninckx <bart.conin...@telenet.be>
Subject Re: LDAP authentication against eDirectory issue
Date Wed, 30 Jan 2013 12:34:13 GMT
Would you mind posting your config file?

cheers,

BC

On 01/30/13 13:01, Stephen Cottham wrote:
>
> Haven't tested OpenLDAP or eDirectory but I can confirm it works fine
> with Active Directory.
>
> Stephen Cottham
> Group IT Manager (Associate)
>
> Robert Bird Group
>
> *From:* Bart Coninckx [mailto:bart.coninckx@telenet.be]
> *Sent:* 30 January 2013 11:57
> *To:* user@openmeetings.apache.org
> *Subject:* Re: LDAP authentication against eDirectory issue
>
> OK - this thing is driving me crazy. After scavenging the mailing lists
> for several hours and making numerous attempts to get it working,
> nothing seems to help.
> I suspect something is missing for OM to be able to create the LDAP
> user in its local database. While manually inserting a user, I get
> the question to which user group the user will belong.
> This membership is not investigated while doing a LDAP search, so the 
> problem might be there.
>
> Does anyone have any clue on why the logfile reports the LDAP being
> created successfully, while it's not? The same problem exists for
> OpenLDAP as for eDirectory, so I'm guessing it's not related to the
> LDAP config.
>
> Cheers,
>
> BC
>
>
> On 01/29/13 22:55, Bart Coninckx wrote:
>
>     Weird - I tried with openldap and I get the same phenomenon.
>
>     :-s
>
>
>     thx,
>
>     BC
>
>     On 01/29/13 20:21, Bart Coninckx wrote:
>
>         two additions:
>
>         - I added "ldap_user_attr_language_id=Language" to no avail
>         - eDir wants to have the user login name ALWAYS in capitals,
>         no matter how ldap_use_lower_case is defined.
>
>
>         BC
>
>
>
>         On 01/29/13 19:59, Bart Coninckx wrote:
>
>             Hi again,
>
>             The next step for me was enabling LDAP auth.
>             This produces errors however:
>
>             DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230
>             242 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LdapLoginmanagement.doLdapLogin
>             DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230
>             198 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LdapLoginmanagement.getLdapConfigData
>             DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230
>             217 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LdapLoginmanagement.readConfig :
>             /data/openmeetings/webapps/openmeetings/conf/edir.ldap.cfg
>             DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231
>             138 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - isValidAuthType
>             DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231
>             382 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - Searching userdata with LDAP Search
>             Filter :(uid=BC)
>             DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 84
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             LdapAuthBase
>             DEBUG 01-29 19:52:49.163 LdapLoginManagement.java 204232
>             393 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - authenticating admin...
>             DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 101
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             authenticateUser
>             DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 117
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>
>             Authentification to LDAP - Server start
>             DEBUG 01-29 19:52:49.164 LdapAuthBase.java 204233 151
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             loginToLdapServer
>             DEBUG 01-29 19:52:49.167 LdapLoginManagement.java 204236
>             396 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - Checking server type...
>             DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237
>             400 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LDAP server is OpenLDAP
>             DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237
>             401 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LDAP search base: OU=tu,O=be
>             DEBUG 01-29 19:52:49.173 LdapLoginManagement.java 204242
>             407 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - Authentication with DN:
>             cn=BC,ou=ICT,OU=tu,O=be
>             DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 101
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             authenticateUser
>             DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 117
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>
>             Authentification to LDAP - Server start
>             DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 151
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             loginToLdapServer
>             DEBUG 01-29 19:52:49.177 Usermanagement.java 204246 1556
>             org.openmeetings.app.data.user.Usermanagement
>             [NioProcessor-18] - Usermanagement.getUserByLogin : BC
>             DEBUG 01-29 19:52:49.202 LdapLoginManagement.java 204271
>             442 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - user doesnt exist local -> create new
>             DEBUG 01-29 19:52:49.203 LdapAuthBase.java 204272 174
>             org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>             getData
>             DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277
>             495 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - Synching Ldap user to OM DB with
>             RANDOM password: brghzu36ohpp
>             DEBUG 01-29 19:52:49.209 LdapLoginManagement.java 204278
>             592 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - LdapLoginmanagement.createUserFromLdapData
>             DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374
>             727 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - User Created!
>             DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374
>             504 org.openmeetings.app.ldap.LdapLoginManagement
>             [NioProcessor-18] - New User ID : -13
>             DEBUG 01-29 19:52:49.307 Sessionmanagement.java 204376 176
>             org.openmeetings.app.data.basic.Sessionmanagement
>             [NioProcessor-18] - updateUser User: -13 ||
>             d1b0316797f91a46c08a392d071a790d
>             DEBUG 01-29 19:52:49.311 Sessionmanagement.java 204380 196
>             org.openmeetings.app.data.basic.Sessionmanagement
>             [NioProcessor-18] - Found session to update:
>             d1b0316797f91a46c08a392d071a790d userId: -13
>             DEBUG 01-29 19:52:49.315 Usermanagement.java 204384 1505
>             org.openmeetings.app.data.user.Usermanagement
>             [NioProcessor-18] - Usermanagement.getUserById
>             [INFO] [NioProcessor-18]
>             org.red5.server.net.rtmp.codec.RTMPProtocolDecoder -
>             Action errorservice.getErrorByCode
>             DEBUG 01-29 19:52:49.627 ErrorService.java 204696 60
>             org.openmeetings.app.remote.ErrorService [NioProcessor-18]
>             - errorid, language_id: -1|1
>             DEBUG 01-29 19:52:49.632 ErrorService.java 204701 64
>             org.openmeetings.app.remote.ErrorService [NioProcessor-18]
>             - eValues.getFieldvalues_id() = 334
>             DEBUG 01-29 19:52:49.636 ErrorService.java 204705 66
>             org.openmeetings.app.remote.ErrorService [NioProcessor-18]
>             - eValues.getErrorType() =
>             org.openmeetings.app.persistence.beans.basic.ErrorType@32b1a562
>
>             As far as I can tell, OM is effectively able to
>             authenticate the user and adds it to its own database.
>             However, when I check the DB, there's no new user, just
>             the local admin.
>
>             This is OM 2.0 and this is the config file:
>
>             ldap_server_type=OpenLDAP
>             ldap_conn_url=ldap://cluster2fs.dafra.be:389
>             ldap_admin_dn=CN:admin,O:be
>             ldap_passwd=nononono_you_can_not_have_this
>             ldap_search_base=OU:tu,O:be
>             field_user_principal=uid
>             ldap_auth_type=SIMPLE
>             ldap_use_lower_case=true
>             #ldap_user_timezone=timezone
>             ldap_sync_password_to_om=no
>             ldap_user_attr_lastname=sn
>             ldap_user_attr_firstname=givenName
>             ldap_user_attr_mail=mail
>             ldap_user_attr_street=street
>             ldap_user_attr_additionalname=description
>             ldap_user_attr_fax=facsimileTelephoneNumber
>             ldap_user_attr_zip=postalCode
>             ldap_user_attr_country=co
>             ldap_user_attr_town=city
>             ldap_user_attr_phone=telephoneNumber
>             ldap_user_attr_language=Language
>
>             I used this documentation (which is rather brief):
>             http://incubator.apache.org/openmeetings/LdapAndADS.html
>
>
>             The config file I assembled both from the sample file and
>             a mailing post.
>             I'm able to trace LDAP calls on the eDir server and
>             nothing funny happens there. The search is done for the
>             user, without any attributes however, so eDir sends them all.
>
>             Anyone a small hint?
>
>             cheers,
>
>             BC
>
>
>
>
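
A pre-posting check for log and config excerpts like the ones quoted in this thread, as an added example that is not part of the original messages or of OpenMeetings: it redacts the generated password, the session ID and the `ldap_passwd` value, and reports whether the config does a SIMPLE bind over plain `ldap://`. The sample input is constructed, and the rule names and the 32-hex session-ID pattern are assumptions based on the lines shown above.

```python
import re

# Constructed sample shaped like the wrapped log and config lines quoted in
# the thread; every secret value below is made up for this example.
SAMPLE = """\
>   DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277 495
>   [NioProcessor-18] - Synching Ldap user to OM DB with RANDOM password:
>   examplepw1234
>   DEBUG 01-29 19:52:49.307 Sessionmanagement.java 204376 176
>   [NioProcessor-18] - updateUser User: -13 ||
>   0123456789abcdef0123456789abcdef
>   ldap_conn_url=ldap://ldap.example.test:389
>   ldap_passwd=constructed-secret
>   ldap_auth_type=SIMPLE
"""

# Rule names are hypothetical. Each pattern ends in a "secret" group; the
# [>\s]* part lets a value sit on the next mail-wrapped, ">"-quoted line.
RULES = [
    ("random-password", re.compile(r"RANDOM password:[>\s]*(?P<secret>\S+)")),
    ("config-password", re.compile(r"ldap_passwd[ \t]*=[ \t]*(?P<secret>\S+)")),
    # Assumption: session IDs are bare 32-digit hex strings, as in the log.
    ("session-id", re.compile(r"\b(?P<secret>[0-9a-fA-F]{32})\b")),
]


def sanitize(text):
    """Return (redacted_text, rule_names_that_fired) for a log/config excerpt."""
    fired = []
    for name, rx in RULES:
        def redact(m, name=name):
            fired.append(name)
            # Keep the label and quoting, replace only the secret itself.
            return m.group(0)[: m.start("secret") - m.start()] + "[REDACTED]"
        text = rx.sub(redact, text)
    return text, fired


def cleartext_simple_bind(text):
    """True if the config does a SIMPLE bind over ldap://, which sends the
    bind password unencrypted unless the client upgrades with StartTLS."""
    cfg = dict(re.findall(r"^[> \t]*(ldap_\w+)[ \t]*=[ \t]*(\S+)", text, re.M))
    return (cfg.get("ldap_auth_type", "").upper() == "SIMPLE"
            and cfg.get("ldap_conn_url", "").lower().startswith("ldap://"))


if __name__ == "__main__":
    clean, fired = sanitize(SAMPLE)
    print(clean)
    print("redacted:", fired, "| cleartext SIMPLE bind:", cleartext_simple_bind(SAMPLE))
```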

