Hi Before I make an appointment at my psycho analyst I ask you for help...
I am trying to get the ldap authentication against a Windows 2003 domain working. Using ldapsearch is working as espected. The following command was executed: ldapsearch -LLL -x -b 'ou=Users,OU=Bern,OU=Switzerland,OU=10_Locations,DC=emmi,DC=ch' -D CN=username,OU=Service-Accounts,OU=Admin,DC=emmi,DC=ch -w password -H ldap://domaincontroller.emmi.ch "sAMAccountName=*" cn Now trying to adapt it to cobbler: # configuration options if using the authn_ldap module. See the # the Wiki for details. This can be ignored if you are not using # LDAP for WebUI/XMLRPC authentication. ldap_server: "domaincontroller.emmi.ch" ldap_base_dn: "DC=emmi,DC=ch" ldap_port: 389 ldap_tls: 1 ldap_anonymous_bind: 0 ldap_search_bind_dn: 'CN=username,OU=Service-Accounts,OU=Admin,DC=emmi,DC=ch' ldap_search_passwd: 'password' ldap_search_prefix: 'sAMAccountName=* CN' Also tried on ldap_search_prefix '' and 'CN' and ldap_tls 0 and 1 The ldap_search_prefix: 'sAMAccountName=* CN' gets the following messages in /var/log/cobbler/cobbler.log: Tue Jan 12 15:50:52 2010 - INFO | Exception occured: ldap.OPERATIONS_ERROR Tue Jan 12 15:50:52 2010 - INFO | Exception value: {'info': '00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece', 'desc': 'Operations error'} Tue Jan 12 15:50:52 2010 - INFO | Exception Info: File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1737, in _dispatch return method_handle(*params) File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1562, in login if self.__validate_user(login_user,login_password): File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 1475, in __validate_user return self.api.authenticate(input_user,input_password) File "/usr/lib/python2.4/site-packages/cobbler/api.py", line 737, in authenticate rc = self.authn.authenticate(self,user,password) File "/usr/lib/python2.4/site-packages/cobbler/modules/authn_ldap.py", line 113, in authenticate result = dir.search_s(basedn, ldap.SCOPE_SUBTREE, filter, []) File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 481, in search_s return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout) File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 475, in search_ext_s return self.result(msgid,all=1,timeout=timeout)[1] File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 405, in result res_type,res_data,res_msgid = self.result2(msgid,all,timeout) File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 409, in result2 res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout) File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 415, in result3 rtype, rdata, rmsgid, serverctrls = self._ldap_call(self._l.result3,msgid,all,timeout) File "/usr/lib64/python2.4/site-packages/ldap/ldapobject.py", line 94, in _ldap_call result = func(*args,**kwargs) Someone can give me a hint on how to authenticate my cobbler users against the active directory? Regards Adrian
_______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
