Hello Dominic,
Thanks for the information.
As you mentioned, I have executed `foreman rake console` and entered
`AuthSourceLdap.find_by_name("LDAP-Server").account_password`. But it seems
decryption is failed might be due to the the encryption key issue.
irb(main):001:0> AuthSourceLdap.find_by_name("LDAP-Server").account_password
WARNING: Decryption failed for string. Please check that the ENCRYPTION_KEY
has not changed.
Then I login to foreman GUI and update the same account password and
decryption is working fine.
irb(main):001:0> AuthSourceLdap.find_by_name("LDAP-Server").account_password
Successfully decrypted field for AuthSourceLdap LDAP-Server
Could you please let me know how to troubleshoot it further?
Thanks,
Best Regards,
Unnikrishnan K
On Thu, Jan 26, 2017 at 2:17 PM, Dominic Cleal <[email protected]> wrote:
> On 24/01/17 16:32, Unnikrishnan K wrote:
> > Hello Dominic,
> >
> > Thanks for the reply.
> >
> > I have enabled the debug mode and captured the logs for API call.
> > Please find the attached logs file with this mail.
>
> Thanks, though unfortunately I don't see anything that might explain the
> issue. The account_password does appear to be persisted correctly.
>
> You could perhaps double check by using the Rails console: execute
> `foreman-rake console` and enter:
>
> AuthSourceLdap.find_by_name("LDAP-Server").account_password
>
> This will return the decrypted account password, which should match your
> input.
>
> > After the API call for LDAP configuration, I tried to login to foreman
> > with LDAP user and I am getting below error
> >
> > 2017-01-24T11:09:52 [ldap] [D] op bind (6105.6ms) [ result=failure ]
> > 2017-01-24T11:09:52 [ldap] [D] valid_user? (6106.3ms) [ user=b09871 ]
> > 2017-01-24T11:09:52 [app] [W] Error during authentication against
> > 'LDAP-LDAP-Server'
> > | LdapFluff::Generic::UnauthenticatedException: Could not bind to
> > ActiveDirectory user [email protected]
> > <mailto:[email protected]>
> > |
> > /usr/share/foreman/vendor/ruby/2.0.0/gems/ldap_fluff-0.4.1/
> lib/ldap_fluff/generic.rb:59:in
> > `service_bind'
> >
> > Then I login to Foreman GUI and update the same account password from
> > GUI and it is working fine.
>
> Could you capture the SQL log while updating the account? Perhaps the
> "UPDATE" SQL query will help show which fields have changed.
>
> --
> Dominic Cleal
> [email protected]
>
> --
> You received this message because you are subscribed to the Google Groups
> "Foreman users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at https://groups.google.com/group/foreman-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
