Re: [graylog2] Re: Graylog v0.20.0 RC.1 : LDAP

Jean-Luc Bassereau Tue, 14 Jan 2014 07:27:31 -0800

Hello,

Can you tell me how to check about this "shadow user" creation in mongodb ?
Btw, i can go to the users system page, but i don't know what to do there...


Furthermore,

Here's the output of the debug during my LDAP connection attempt :


2014-01-14 15:15:56,333 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Bind request
2014-01-14 15:15:56,348 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Sending
request
MessageType : BIND_REQUEST
Message ID : 1
    BindRequest
        Version : '3'
        Name : 'uid=svt,ou=Special Users,dc=mycompany,dc=com'
        Simple authentication : 'password/password in hex '

2014-01-14 15:15:56,348 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Adding <1,
org.apache.directory.ldap.client.api.future.BindFuture>
2014-01-14 15:15:56,355 DEBUG: org.apache.directory.api.CODEC_LOG - Encoded
message
 MessageType : BIND_REQUEST
Message ID : 1
    BindRequest
        Version : '3'
        Name : 'uid=svt,ou=Special Users,dc=mycompany,dc=com'
        Simple authentication : 'password/password in hex '

 : 0x30 0x39 0x02 0x01 0x01 0x60 0x34 0x02 0x01 0x03 0x04 0x26 0x75 0x69
0x64 0x3D 0x73 0x76 0x74 0x2C 0x6F 0x75 0x3D 0x53 0x70 0x65 0x63 0x69 0x61
0x6C 0x20 0x55 0x73 0x65 0x72 0x73 0x2C 0x64 0x63 0x3D 0x61 0x66 0x70 0x2C
0x64 0x63 0x3D 0x63 0x6F 0x6D 0x80 0x07 0x59 0x61 0x70 0x6C 0x75 0x6B 0x61
2014-01-14 15:15:56,360 DEBUG:
org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a
MESSAGE_RECEIVED for session 1
2014-01-14 15:15:56,363 DEBUG: org.apache.directory.api.CODEC_LOG -
Decoding the PDU :
2014-01-14 15:15:56,363 DEBUG: org.apache.directory.api.CODEC_LOG - 0x30
0x0C 0x02 0x01 0x01 0x61 0x07 0x0A 0x01 0x00 0x04 0x00 0x04 0x00
2014-01-14 15:15:56,363 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -
>>>==========================================
2014-01-14 15:15:56,363 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --> Decoding a PDU
2014-01-14 15:15:56,363 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -
>>>------------------------------------------
2014-01-14 15:15:56,363 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x30
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x30 has been decoded
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x0C
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x02
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - null
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Root TLV[12]
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 12 has been decoded
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
VALUE_STATE_START ---
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x02
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x02
2014-01-14 15:15:56,364 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree : TLV0x30(12)
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <START_STATE> to state <LDAP_MESSAGE_STATE>, tag <0x30>, action :
LdapMessage initialization
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x02
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x02 has been decoded
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x01
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x01
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - 12 - null
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 1 has been decoded
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
VALUE_STATE_START ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x01
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x61
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree :
TLV0x02(1)-TLV0x30(9)
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <LDAP_MESSAGE_STATE> to state <MESSAGE_ID_STATE>, tag <0x02>, action
: Store MessageID
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.ldap.codec.actions.ldapMessage.StoreMessageId -
Ldap Message Id has been decoded : 1
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x61
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x61 has been decoded
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x07
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x0A
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - 9 - null
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 7 has been decoded
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
VALUE_STATE_START ---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x0A
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x0A
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree :
TLV0x61(7)-TLV0x30(0)
2014-01-14 15:15:56,365 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <MESSAGE_ID_STATE> to state <BIND_RESPONSE_STATE>, tag <0x61>, action
: Init BindResponse
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x0A
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x0A has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x01
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x00
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - 7 - 0 - null
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 1 has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
VALUE_STATE_START ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x00
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x04
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree :
TLV0x0A(1)-TLV0x61(4)-TLV0x30(0)
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <BIND_RESPONSE_STATE> to state <RESULT_CODE_BR_STATE>, tag <0x0A>,
action : Store resultCode
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.ldap.codec.actions.ldapResult.StoreResultCode -
The result code is set to SUCCESS
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x04
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x04 has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x00
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x04
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - 4 - 0 - null
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 0 has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x04
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree :
TLV0x04(0)-TLV0x61(2)-TLV0x30(0)
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <RESULT_CODE_BR_STATE> to state <MATCHED_DN_BR_STATE>, tag <0x04>,
action : Store matched Dn
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.ldap.codec.actions.ldapResult.StoreMatchedDN - The
matchedDn is
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TAG_STATE_START
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x04
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Tag 0x04 has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_START ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   current byte : 0x00
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State =
LENGTH_STATE_END ---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   no more byte to decode in
the stream
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Parent length : TLV
expected length stack :  - 2 - 0 - null
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - Length 0 has been decoded
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - --- State = TLV_STATE_DONE
---
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -   no more byte to decode in
the stream
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - TLV Tree :
TLV0x04(0)-TLV0x61(0)-TLV0x30(0)
2014-01-14 15:15:56,377 DEBUG:
org.apache.directory.api.asn1.ber.grammar.AbstractGrammar - Transition from
state <MATCHED_DN_BR_STATE> to state <ERROR_MESSAGE_BR_STATE>, tag <0x04>,
action : Store error message
2014-01-14 15:15:56,378 DEBUG:
org.apache.directory.api.ldap.codec.actions.ldapResult.StoreErrorMessage -
The error message is :
2014-01-14 15:15:56,378 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -
<<<------------------------------------------
2014-01-14 15:15:56,378 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder - <-- Stop decoding : TLV[
0x04, 0, []]
2014-01-14 15:15:56,378 DEBUG:
org.apache.directory.api.asn1.ber.Asn1Decoder -
<<<==========================================
2014-01-14 15:15:56,378 DEBUG: org.apache.directory.api.CODEC_LOG - Decoded
LdapMessage : MessageType : BIND_RESPONSE
Message ID : 1
    BindResponse
        Ldap Result
            Result code : (SUCCESS) success
            Matched Dn : ''
            Diagnostic message : ''

2014-01-14 15:15:56,379 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - ------->
MessageType : BIND_RESPONSE
Message ID : 1
    BindResponse
        Ldap Result
            Result code : (SUCCESS) success
            Matched Dn : ''
            Diagnostic message : ''
 Message received <-------
2014-01-14 15:15:56,379 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Getting <1,
org.apache.directory.ldap.client.api.future.BindFuture>
2014-01-14 15:15:56,379 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Bind
successful : MessageType : BIND_RESPONSE
Message ID : 1
    BindResponse
        Ldap Result
            Result code : (SUCCESS) success
            Matched Dn : ''
            Diagnostic message : ''

2014-01-14 15:15:56,379 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Removing <1,
org.apache.directory.ldap.client.api.future.BindFuture>
2014-01-14 15:15:56,379 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Bind
successful : MessageType : BIND_RESPONSE
Message ID : 1
    BindResponse
        Ldap Result
            Result code : (SUCCESS) success
            Matched Dn : ''
            Diagnostic message : ''

2014-01-14 15:15:56,400 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Sending
request
MessageType : SEARCH_REQUEST
Message ID : 2
    SearchRequest
        baseDn : 'ou=people,dc=mycompany,dc=com'
        filter : '(&(objectClass=inetOrgPerson)(uid=jlbassereau))'
        scope : whole subtree
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : '*'
org.apache.directory.api.ldap.model.message.SearchRequestImpl@ea5d1f5d
2014-01-14 15:15:56,400 DEBUG:
org.apache.directory.ldap.client.api.LdapNetworkConnection - Adding <2,
org.apache.directory.ldap.client.api.future.SearchFuture>



2014/1/14 Kay Röpke <[email protected]>

> It should, at least our test servers worked.
> Can you log in with the admin account and take a look at the users system
> page, please, to see if it could create the shadow user account in mongodb?
> The accounts should have a cloud sign next to them.
>
> Otherwise, could you start the server with --debug and try to log in again
> with the ldap account?
>
> thanks!
>
> On Tuesday, January 14, 2014 3:14:35 PM UTC+1, Jean-Luc Bassereau wrote:
>
>> Hmmm...
>> It's like my screenshot stayed at home...
>>
>> Then, binding test, login test and login error page are now attached.
>>
>>
>> 2014/1/14 Jean-Luc Bassereau <[email protected]>
>>
>> Hello,
>>>
>>> Should LDAP connector be working on this release ?
>>> Here's my settings, under /system/ldap, I've set binding to my ldap
>>> server.
>>> The test server connection seems to work well :
>>>
>>>
>>>
>>> Besides, then credential tests works well with my own account :
>>>
>>>
>>>
>>>
>>> Whereas, when I try to log in with my LDAP account, it fails with this :
>>>
>>>
>>>
>>> --
>>> Regards,
>>> Jean-Luc Bassereau
>>>
>>
>>
>>
>> --
>> Cordialement,
>> Jean-Luc Bassereau
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "graylog2" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/groups/opt_out.
>



-- 
Cordialement,
Jean-Luc Bassereau

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.

Re: [graylog2] Re: Graylog v0.20.0 RC.1 : LDAP

Reply via email to