Bug #7137
closedForeman is not using LDAP account to bind to the directory
Description
I have LDAP authentication running in Foreman 1.5.2 without any issues. I am starting to test 1.6.0-rc1 and have found that even though I have defined an LDAP account to bind with 1.6.2 is only attempting to use an anonymous connection. I am not using SSL for this ldap connection.
Updated by Dominic Cleal over 9 years ago
- Category set to Authentication
- Target version set to 1.7.5
- translation missing: en.field_release set to 10
Updated by Chuck Schweizer over 9 years ago
Also this configuration is using POSIX.
Updated by Chuck Schweizer over 9 years ago
Based on my limited understanding, it looks like POSIX server type is not setup to allow a Service Account in the LDAP Fluff code.
Updated by Chuck Schweizer over 9 years ago
Here is what I had to change to fix my issue. Not sure if everything is fixed or if I broke something else.
https://github.com/csschwe/ldap_fluff/tree/POSIX_ldap_login_fix
Updated by Dominic Cleal over 9 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
Updated by Dominic Cleal over 9 years ago
- Status changed from Assigned to Ready For Testing
https://github.com/Katello/ldap_fluff/pull/31 submits the fix for group DN to look up users.
https://github.com/Katello/ldap_fluff/pull/32 allows use of a service account with POSIX servers. I tried to keep the original behaviours working, to allow anonymous searches and also determine the DN from a search of the directory for binds.
Updated by Anonymous over 9 years ago
- Target version changed from 1.7.5 to 1.7.4
Updated by Dominic Cleal over 9 years ago
http://koji.katello.org/koji/taskinfo?taskID=143822 (noarch.rpm) has all of the open ldap_fluff PRs patched in, if you wanted to test it.
Updated by Chuck Schweizer over 9 years ago
Dominic Cleal wrote:
http://koji.katello.org/koji/taskinfo?taskID=143822 (noarch.rpm) has all of the open ldap_fluff PRs patched in, if you wanted to test it.
This is working correctly for me. Thanks
Updated by Dominic Cleal over 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Thanks for the testing and patches. ldap_fluff 0.3.1 is being released into nightlies and 1.6.0-RC2.