Does not work and I sort of expected that. The md5 encryption takes place on the user level (browser session) as its hardcoded into sharedFunctoins.js
The components.xml take effect post user session. Just like in CS3, if you were to modify the adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator" you will break the *local* user authentication, because passwords are md5 encrypted. I reverted back the change and will submit a patch. It will need to be reviewed by someone who does a much better CSS and JS than I do. Regards ilya -----Original Message----- From: Suresh Sadhu [mailto:[email protected]] Sent: Thursday, October 25, 2012 2:36 AM To: [email protected] Subject: RE: Status of LDAP/AD integration and CS4 Can you try this:(refer this bug: CS-14680 CS and Ldap user validation can't happen simultaneously due to current limitation) Jessica Tomechak added a comment - 04/Oct/12 12:17 PM Additional information from Abhinandan P: Both cloudstack and LDAP account should work. In component.xml change this: <adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/> To <adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator"/> If not already done. -abhi Thanks Sadhu -----Original Message----- From: Kelcey Damage (BBITS) [mailto:[email protected]] Sent: 25 October 2012 03:19 To: [email protected] Subject: RE: Status of LDAP/AD integration and CS4 This interests me greatly. KELCEY DAMAGE Infrastructure Systems Architect www.backbonetechnology.com ------------------------------------------------------------------------- [email protected] address: 55 East 7th Ave, Vancouver, BC, V5T 1M4 tel: +1 604 713 8560 ext:114 fax: +1 604 605 0964 skype: kelcey.damage -----Original Message----- From: Musayev, Ilya [mailto:[email protected]] Sent: Wednesday, October 24, 2012 2:36 PM To: [email protected] Subject: Status of LDAP/AD integration and CS4 In CS3.x, the Microsoft Active directory LDAP integration did not work because when password was submitted on login page, the sharedFunctions.js file has md5hashedLogin set to true, which in turn would encrypt user password as MD5 and then submit to management core to verify. This auth method works fine for regular local auth and probably other LDAP servers but definitely not with MS LDAP as it does not support MD5 hashed passwords as input. Is it still the case with CS4 or has anything changed? I wrote a fix for CS3.x and posted the solution on original/old bug tracker. I'm not certain if I need to do the same fix for 4.0 or we have this addressed. I looked at sharedFunctions.js file and it appears we are still doing the same thing. My AD login fails with invalid username and password - because CS4 submits my password as MD5 hash. As always, your feedback is appreciated. Thanks Ilya
