Hi Jay,

I'm using LDAP over ldaps and with user/password and I didn't need to tweak any 
of the gitorious code. So, this *shouldn't* be needed AFAIK.

One thing you do want to do is update the LDAP library. I already put in a 
merge request. But with the old 0.0.4 LDAP library, I would get weird errors.
The upgrade is not difficult, but you need to pay attention because the LDAP 
library has changed name.

At first, I wanted to use a ldap-user for logging in, like you suggested. But 
then I realized that you can just login as the actual user. We configured the 
authentication.yml as:

  methods: 
    - adapter: Gitorious::Authentication::LDAPAuthentication  
      server: server-name :)
      port: 636                                          
      base_dn: dc=companyname,dc=com       
      login_attribute: uid 

      distinguished_name_template: "uid={},ou=people,dc=company,dc=com"   
      attribute_mapping:                           
        mail: email

      encryption: simple_tls          

(I changed the server name and the DNs)

Hope this will help you.

Thanks,

Bas




On 03-Mar-2012, at 1:17 PM, JayP wrote:

> So it turns out this error message comes when you use the wrong port and use 
> encryption.  The port is "636" when you're using encryption.  
> 
> I also had to tweak the valid_credentials? method to use bind_as since we 
> need to bind first with a special username/password then bind_as using the 
> login username/password.
> 
> On Friday, March 2, 2012 11:18:22 AM UTC-5, JayP wrote:
> Just to add a little more information to this.  We have a username and 
> password to the ldap server that is different from the actual user that I 
> need to authenticate.  Meaning the ldap server username is like so:
> 
> "CN=ldap-user,CN=Users,DC=NAME,DC=LOCAL"
> 
> Where do I add this and the ldap password in the authentication.yml file?  
> And when testing the ldap server using the script I am guessing I am using my 
> ldap account to verify.  
> 
> Thanks.
> 
> On Friday, March 2, 2012 10:33:34 AM UTC-5, JayP wrote:
> Hey guys,
> 
> I'm getting this failure when I try to test my ldap settings:
> 
> /usr/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1059:in 
> `connect': SSL_connect SYSCALL returned=5 errno=0 state=unknown state 
> (OpenSSL::SSL::SSLError)
>       from 
> /usr/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1059:in 
> `setup_encryption'
>       from 
> /usr/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1025:in 
> `initialize'
>       from 
> /usr/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ldap.rb:700:in `new'
>       from 
> /usr/lib/ruby/gems/1.8/gems/ruby-net-ldap-0.0.4/lib/net/ldap.rb:700:in `bind'
>       from 
> /var/www/gitorious/lib/gitorious/authentication/ldap_authentication.rb:61:in 
> `valid_credentials?'
>       from script/test_ldap_connection:18
> 
> I think it may have to do with our server requiring a username and password to 
> the ldap server but I couldn't find out what the exact attributes are for 
> this.  Anyone else doing this?  Thanks in advance for your help.
> 
> Thanks,
> Jay
> 
> -- 
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
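
An added example, not part of the thread and not Gitorious code: pre-bind checks for the direct-bind setup discussed above. It assumes `{}` in `distinguished_name_template` is replaced by the login name; the helper names and the host `ldap.example.com` are hypothetical.

```ruby
require "yaml"

# Constructed sample mirroring the authentication.yml in the thread (placeholder host).
SAMPLE = YAML.safe_load(<<~YML)["methods"].first
  methods:
    - adapter: Gitorious::Authentication::LDAPAuthentication
      server: ldap.example.com
      port: 636
      distinguished_name_template: "uid={},ou=people,dc=company,dc=com"
      encryption: simple_tls
YML

# Escape a value for use inside an RDN (RFC 4514, section 2.4), so a login
# name cannot add or alter DN components when it is put into the template.
def escape_dn_value(value)
  out = value.gsub(/[,+"\\<>;=]/) { |c| "\\#{c}" }
  out = out.gsub("\0") { "\\00" }
  out = out.sub(/\A[ #]/) { |c| "\\#{c}" }
  out.sub(/ \z/) { "\\ " }
end

# Build the bind DN; returns nil when a bind must not be attempted.
# An empty password would make the request an "unauthenticated bind"
# (RFC 4513, section 5.1.2), which a server may answer with success.
def bind_dn_for(cfg, login, password)
  return nil if login.to_s.strip.empty? || password.to_s.empty?
  cfg["distinguished_name_template"].sub("{}") { escape_dn_value(login) }
end

# Flag port/encryption combinations like the one behind the SSL_connect error.
def transport_problems(cfg)
  enc, port = cfg["encryption"].to_s, cfg["port"].to_i
  problems = []
  problems << "simple_tls configured but port is #{port}, not 636" if enc == "simple_tls" && port != 636
  problems << "port 636 without simple_tls" if port == 636 && enc != "simple_tls"
  problems << "no encryption: simple bind sends the password in clear text" if enc.empty?
  problems
end

if __FILE__ == $PROGRAM_NAME
  puts bind_dn_for(SAMPLE, "bas", "secret")
  puts transport_problems(SAMPLE.merge("port" => 389))
end
```

Running these checks before the bind call keeps a crafted login name from reshaping the DN and stops an empty password from being reported as a successful login.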
