Re: [Health-dev] Help with LDAP configuration


From: Jose Eugenio Quesada
Subject: Re: [Health-dev] Help with LDAP configuration
Date: Sun, 6 Dec 2015 20:59:56 +0800

I was able to get my LDAP configuration working with the following configuration in trytond.conf:

trytond.conf
[ldap_authentication]
# The URI to connect to the LDAP server.
#uri = ldap://host:port/dn?attributes?scope?filter?extensions
uri = ldap://192.168.2.5/ou=people, dc=gnuhealth,dc=org?objectClass?onelevel


On Wed, Dec 2, 2015 at 5:41 PM, Jose Eugenio Quesada <address@hidden> wrote:
Hi Cedric,

Thanks for your reply. I'm still stuck though as I do not know what to put in the UID attribute value.

Do you have a sample ldap_configuration file that I can use as a template?

What kind of permissions are needed for the libuser on OpenLDAP?

Thanks,

Joe Gene

On Wed, Dec 2, 2015 at 1:00 AM, <address@hidden> wrote:

Today's Topics:

   1. Help with LDAP configuration (Joe Gene Q)
   2. Re: Help with LDAP configuration (Cédric Krier)


----------------------------------------------------------------------

Message: 1
Date: Tue, 1 Dec 2015 10:17:28 +0800
From: Joe Gene Q <address@hidden>
To: address@hidden
Subject: [Health-dev] Help with LDAP configuration
Message-ID:
        <address@hidden>
Content-Type: text/plain; charset="utf-8"


Hi,

I am trying to configure GNU Health to connect to an LDAP server for LDAP
based authentication.

I got as far as adding an LDAP connection string in trytond.conf, and
getting the LDAP server and the tryton server to communicate and exchange
messages.

I am now getting an error in my slapd log file, and I don't know how to
proceed.

I installed ldap_authentication module ver 3.4.4, and I am using GNU Health
ver 2.8.1. The LDAP Server I am using runs on CENTOS 6

Would really appreciate the help.

Here are the relevant logs, configurations:

GNU Health Log

[Tue Dec 01 01:53:30 2015]
ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No such
object'}
[Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login or
password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC on
database 'gnuhealth_custom9_account_es'


var/log/slapd

Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP=
192.168.2.39:45632 (IP=0.0.0.0:389)
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH
base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0
filter="(uid=cameroncordara1)"
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT tag=101
err=32 nentries=0 text=
Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND
Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed


trytond.conf

[ldap_authentication]
# The URI to connect to the LDAP server.
#uri = ldap://host:port/dn?attributes?scope?filter?extensions
# A basic default URL could look like
uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh
bind_pass = *****************

PHPLDAPAdmin

User: Logged in as: uid=cameroncordara1,ou=People,dc=directory,dc=nh


Info on cameroncordara1:
# LDIF Export for uid=cameroncordara1,ou=People,dc=directory,dc=nh
# Server: Local LDAP Server (127.0.0.1)
# Search Scope: base
# Search Filter: (objectClass=*)
# Total Entries: 1
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on
November 30, 2015 3:46 am
# Version: 1.2.3

version: 1

# Entry 1: uid=cameroncordara1,ou=People,dc=directory,dc=nh
dn: uid=cameroncordara1,ou=People,dc=directory,dc=nh
cn: Cameron Cordara
displayname: cameroncordara1
gecos: cameroncordara1
gidnumber: 5004
givenname: Cameron
homedirectory: /var/lib/nethserver/home/cameroncordara1
l: Hometown
loginshell: /usr/libexec/openssh/sftp-server
o: Example Org
objectclass: posixAccount
objectclass: shadowAccount
objectclass: inetOrgPerson
objectclass: sambaSamAccount
objectclass: person
ou: Main
sambaacctflags: [U          ]
sambapasswordhistory: 000000000000000000000000000000000000000000000000000000
 0000000000
sambapwdlastset: 1448868739
sambasid: S-1-5-21-2926184770-3520563768-3089542549-1006
shadowexpire: -1
shadowflag: -1
shadowinactive: -1
shadowlastchange: 16769
shadowmax: 180
shadowmin: 0
shadowwarning: 7
sn: Cordara
street: 123 Main Street
telephonenumber: 575-1685
uid: cameroncordara1
uidnumber: 5004
userpassword: {CRYPT}$6$NVvlY8zarTpcLgCb$o6EW2dgBr0LDTKyUc/xRCqR3a1/YwLUzk./
 /rn0TMPB.Ff8J4zupWnEWJ0PdSWWY0GEu8folQ4AmCpWoBueFY1

------------------------------

Message: 2
Date: Tue, 1 Dec 2015 09:54:25 +0100
From: Cédric Krier <address@hidden>
To: address@hidden
Subject: Re: [Health-dev] Help with LDAP configuration
Message-ID: <address@hidden>
Content-Type: text/plain; charset="utf-8"


On 2015-12-01 10:17, Joe Gene Q wrote:
> Hi,
>
> I am trying to configure GNU Health to connect to an LDAP server for LDAP
> based authentication.
>
> I got as far as adding an LDAP connection string in trytond.conf, and
> getting the LDAP server and the tryton server to communicate and exchange
> messages.
>
> I am now getting an error in my slapd log file, and I don't know how to
> proceed.
>
> I installed ldap_authentication module ver 3.4.4, and I am using GNU Health
> ver 2.8.1. The LDAP Server I am using runs on CENTOS 6
>
> Would really appreciate the help.
>
> Here are the relevant logs, configurations:
>
> GNU Health Log
>
> [Tue Dec 01 01:53:30 2015]
> ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No such
> object'}
> [Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login or
> password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC on
> database 'gnuhealth_custom9_account_es'
>
>
> var/log/slapd
>
> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP=
> 192.168.2.39:45632 (IP=0.0.0.0:389)
> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH
> base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0
> filter="(uid=cameroncordara1)"
> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid
> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT tag=101
> err=32 nentries=0 text=

This looks like the search should not be on uid attribute.
You can configure the UID attribute in the configuration:
http://doc.tryton.org/3.4/modules/ldap_authentication/doc/index.html#uid

> Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND
> Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed
>
>
> trytond.conf
>
> [ldap_authentication]
> # The URI to connect to the LDAP server.
> #uri = ldap://host:port/dn?attributes?scope?filter?extensions
> # A basic default URL could look like
> uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh
> bind_pass = *****************

--
Cédric Krier - B2CK SPRL
Email/Jabber: address@hidden
Tel: +32 472 54 46 59
Website: http://www.b2ck.com/

------------------------------


End of Health-dev Digest, Vol 53, Issue 1
*****************************************
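
The slapd excerpt in this thread shows a base-scope search (scope=0) rooted at the bind account's DN that ends with err=32 (noSuchObject). The following is an added example, not code from the thread or from Tryton: it pairs each SRCH line with its SEARCH RESULT and separates "search base missing" from "filter matched nothing". The function names and the conn=1272 lines are assumptions made for illustration.

```python
import re

# Constructed sample modeled on the slapd excerpt in the thread (e-mail line
# wrapping undone). conn=1272 is hypothetical: the same lookup with a valid base.
SAMPLE_LOG = """\
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0 filter="(uid=cameroncordara1)"
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid
Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT tag=101 err=32 nentries=0 text=
Nov 30 03:50:10 nethserver slapd[780]: conn=1272 op=0 SRCH base="ou=people,dc=directory,dc=nh" scope=1 deref=0 filter="(uid=cameroncordara1)"
Nov 30 03:50:10 nethserver slapd[780]: conn=1272 op=0 SEARCH RESULT tag=101 err=0 nentries=1 text=
"""

SCOPES = {0: "base", 1: "one", 2: "sub"}  # numeric scope values as slapd logs them
SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)" scope=(\d+) deref=\d+ filter="([^"]*)"')
RESULT = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT tag=\d+ err=(\d+) nentries=(\d+)')


def correlate_searches(log_text):
    """Pair each SRCH request with its SEARCH RESULT on the (conn, op) key."""
    pending, searches = {}, []
    for line in log_text.splitlines():
        req, res = SRCH.search(line), RESULT.search(line)
        if req:
            conn, op, base, scope, flt = req.groups()
            pending[(conn, op)] = {"conn": int(conn), "base": base, "filter": flt,
                                   "scope": SCOPES.get(int(scope), scope)}
        elif res and (res.group(1), res.group(2)) in pending:
            search = pending.pop((res.group(1), res.group(2)))
            search.update(err=int(res.group(3)), nentries=int(res.group(4)))
            searches.append(search)
    return searches


def diagnose(search):
    """Separate a missing search base (err=32) from a filter that matched nothing."""
    if search["err"] == 32:  # noSuchObject refers to the base DN, not the filter
        hint = "search base not found, or not disclosed to the bound identity"
        if search["scope"] == "base":
            hint += "; base scope only tests that single entry against the filter"
        return hint
    if search["err"] == 0 and search["nentries"] == 0:
        return "base exists, but no entry in scope matched the filter"
    return "ok" if search["err"] == 0 else "LDAP result code %d" % search["err"]


if __name__ == "__main__":
    for s in correlate_searches(SAMPLE_LOG):
        print(s["conn"], s["base"], s["scope"], "->", diagnose(s))
```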


