Javier,
We are not using a true AD; instead, we are using Samba 4 as an AD.
However, it fails either being configured as AD or just plain LDAP.
I may provide the configuration if necessary, just let me know.
Regards,
On 24/09/13 10:56, Javier Fontan wrote:
I've tested the driver from 4.2 with a Windows 2008 server Active
directory and does fail when the password is not correct. Could it be
an Active Directory configuration?
On Fri, Sep 6, 2013 at 4:57 PM, Andreas Calvo Gómez
<andreas.ca...@scytl.com> wrote:
Javier,
Thanks for your time.
We are running the latest version of OpenNebula as of today: version 4.2.0.
On 06/09/13 15:23, Javier Fontan wrote:
It looks really bad. Could you please give use the OpenNebula version
you are using? I'll do my tests here and will let you know.
I've created a ticket to keep track of this problem:
http://dev.opennebula.org/issues/2307
On Wed, Aug 28, 2013 at 6:46 PM, Andreas Calvo Gómez
<andreas.ca...@scytl.com> wrote:
Hi all,
I've encountered a strange behavior while trying to configure ONE to
authenticate against an AD, either as a proper AD or as a LDAP.
If a credential is used to query LDAP and retrieve the complete DN for
the
user that wants to login, then no matter what password the user has typed
it
will be listed as authenticated.
ldap_auth.conf example:
server 1:
:user: 'myu...@mydomain.com'
:password: 'mypassword'
:auth_method: :simple
:host: ad.mydomain.com
:port: 389
:base: 'dc=mydomain,dc=com'
:user_field: 'sAMAccountName'
:order:
- server 1
If I manually query the authenticate process with a made up password and
secret, it is always listed as authenticated.
For instance:
oneadmin@opennebula:~$ ./remotes/auth/default/authenticate myuser
badpassword badpassword
Trying server server 1
ldap myuser CN=myuser,CN=Users,DC=mydomain,DC=com
My guess is that the same user that is used to look up users, performs
the
authenticate method and always returns a valid user.
Or maybe I'm missing something.
Any hint?
Thanks!
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
--
Andreas Calvo Gómez
Systems Engineer
Scytl Secure Electronic Voting
Plaça Gal·la Placidia, 1-3, 1st floor · 08006 Barcelona
Phone: + 34 934 230 324
Fax: + 34 933 251 028
http://www.scytl.com
NOTICE: The information in this e-mail and in any of its attachments is
confidential and intended solely for the attention and use of the named
addressee(s). If you are not the intended recipient, any disclosure,
copying,
distribution or retaining of this message or any part of it, without the
prior
written consent of Scytl Secure Electronic Voting, SA is prohibited and
may be
unlawful. If you have received this in error, please contact the sender
and
delete the material from any computer.
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
