I was able to get my LDAP configuration working with the following configuration in trytond.conf:
trytond.conf [ldap_authentication] # The URI to connect to the LDAP server. #uri = ldap://host:port/dn?attributes?scope?filter?extensions uri = ldap://192.168.2.5/ou=people, dc=gnuhealth,dc=org?objectClass?onelevel On Wed, Dec 2, 2015 at 5:41 PM, Jose Eugenio Quesada <[email protected]> wrote: > Hi Cedric, > > Thanks for your reply. I'm still stuck though as I do not know what to put > in the UID attribute value. > > Do you have a sample ldap_configuration file that I can use as a template? > > What kind of permissions are needed for the libuser on OpenLDAP? > > Thanks, > > Joe Gene > > On Wed, Dec 2, 2015 at 1:00 AM, <[email protected]> wrote: > >> Send Health-dev mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.gnu.org/mailman/listinfo/health-dev >> or, via email, send a message with subject or body 'help' to >> [email protected] >> >> You can reach the person managing the list at >> [email protected] >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Health-dev digest..." >> >> >> Today's Topics: >> >> 1. Help with LDAP configuration (Joe Gene Q) >> 2. Re: Help with LDAP configuration (C?dric Krier) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Tue, 1 Dec 2015 10:17:28 +0800 >> From: Joe Gene Q <[email protected]> >> To: [email protected] >> Subject: [Health-dev] Help with LDAP configuration >> Message-ID: >> < >> canczftsmfvcjxf2jwg+kpuzqoxmjezqp5wmohk8sshmcx2g...@mail.gmail.com> >> Content-Type: text/plain; charset="utf-8" >> >> >> Hi, >> >> I am trying to configure GNU Health to connect to an LDAP server for LDAP >> based authentication. >> >> I got as far as adding an LDAP connection string in trytond.conf, and >> getting the LDAP server and the tryton server to communicate and exchange >> messages. >> >> I am now getting an error in my slapd log file, and I don't know how to >> proceed. >> >> I installed ldap_authentication module ver 3.4.4, and I am using GNU >> Health >> ver 2.8.1. The LDAP Server I am using runs on CENTOS 6 >> >> Would really appreciate the help. >> >> Here are the relevant logs, configurations: >> >> GNU Health Log >> >> [Tue Dec 01 01:53:30 2015] >> ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No such >> object'} >> [Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login or >> password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC on >> database 'gnuhealth_custom9_account_es' >> >> >> var/log/slapd >> >> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP= >> 192.168.2.39:45632 (IP=0.0.0.0:389) >> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH >> base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0 >> filter="(uid=cameroncordara1)" >> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid >> Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT >> tag=101 >> err=32 nentries=0 text= >> Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND >> Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed >> >> >> trytond.conf >> >> [ldap_authentication] >> # The URI to connect to the LDAP server. >> #uri = ldap://host:port/dn?attributes?scope?filter?extensions >> # A basic default URL could look like >> uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh >> bind_pass = ***************** >> >> PHPLDAPAdmin >> >> User: Logged in as: uid=cameroncordara1,ou=People,dc=directory,dc=nh >> >> >> Info on cameroncordara1: >> # LDIF Export for uid=cameroncordara1,ou=People,dc=directory,dc=nh >> # Server: Local LDAP Server (127.0.0.1) >> # Search Scope: base >> # Search Filter: (objectClass=*) >> # Total Entries: 1 >> # >> # Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on >> November 30, 2015 3:46 am >> # Version: 1.2.3 >> >> version: 1 >> >> # Entry 1: uid=cameroncordara1,ou=People,dc=directory,dc=nh >> dn: uid=cameroncordara1,ou=People,dc=directory,dc=nh >> cn: Cameron Cordara >> displayname: cameroncordara1 >> gecos: cameroncordara1 >> gidnumber: 5004 >> givenname: Cameron >> homedirectory: /var/lib/nethserver/home/cameroncordara1 >> l: Hometown >> loginshell: /usr/libexec/openssh/sftp-server >> o: Example Org >> objectclass: posixAccount >> objectclass: shadowAccount >> objectclass: inetOrgPerson >> objectclass: sambaSamAccount >> objectclass: person >> ou: Main >> sambaacctflags: [U ] >> sambapasswordhistory: >> 000000000000000000000000000000000000000000000000000000 >> 0000000000 >> sambapwdlastset: 1448868739 >> sambasid: S-1-5-21-2926184770-3520563768-3089542549-1006 >> shadowexpire: -1 >> shadowflag: -1 >> shadowinactive: -1 >> shadowlastchange: 16769 >> shadowmax: 180 >> shadowmin: 0 >> shadowwarning: 7 >> sn: Cordara >> street: 123 Main Street >> telephonenumber: 575-1685 >> uid: cameroncordara1 >> uidnumber: 5004 >> userpassword: >> {CRYPT}$6$NVvlY8zarTpcLgCb$o6EW2dgBr0LDTKyUc/xRCqR3a1/YwLUzk./ >> /rn0TMPB.Ff8J4zupWnEWJ0PdSWWY0GEu8folQ4AmCpWoBueFY1 >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://lists.gnu.org/archive/html/health-dev/attachments/20151201/66d76cd0/attachment.html >> > >> >> ------------------------------ >> >> Message: 2 >> Date: Tue, 1 Dec 2015 09:54:25 +0100 >> From: C?dric Krier <[email protected]> >> To: [email protected] >> Subject: Re: [Health-dev] Help with LDAP configuration >> Message-ID: <[email protected]> >> Content-Type: text/plain; charset="utf-8" >> >> >> On 2015-12-01 10:17, Joe Gene Q wrote: >> > Hi, >> > >> > I am trying to configure GNU Health to connect to an LDAP server for >> LDAP >> > based authentication. >> > >> > I got as far as adding an LDAP connection string in trytond.conf, and >> > getting the LDAP server and the tryton server to communicate and >> exchange >> > messages. >> > >> > I am now getting an error in my slapd log file, and I don't know how to >> > proceed. >> > >> > I installed ldap_authentication module ver 3.4.4, and I am using GNU >> Health >> > ver 2.8.1. The LDAP Server I am using runs on CENTOS 6 >> > >> > Would really appreciate the help. >> > >> > Here are the relevant logs, configurations: >> > >> > GNU Health Log >> > >> > [Tue Dec 01 01:53:30 2015] >> > ERROR:trytond.modules.ldap_authentication.res:LDAPError: {'desc': 'No >> such >> > object'} >> > [Tue Dec 01 01:53:31 2015] INFO:trytond.protocols.dispatcher:bad login >> or >> > password 'cameroncordara1' from ::ffff:192.168.2.3:9652 using JSON-RPC >> on >> > database 'gnuhealth_custom9_account_es' >> > >> > >> > var/log/slapd >> > >> > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 fd=26 ACCEPT from IP= >> > 192.168.2.39:45632 (IP=0.0.0.0:389) >> > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH >> > base="cn=libuser,ou=people,dc=directory,dc=nh" scope=0 deref=0 >> > filter="(uid=cameroncordara1)" >> > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SRCH attr=uid >> > Nov 30 03:42:23 nethserver slapd[780]: conn=1271 op=0 SEARCH RESULT >> tag=101 >> > err=32 nentries=0 text= >> >> This looks like the search should not be on uid attribute. >> You can configure the UID attribute in the configuration: >> http://doc.tryton.org/3.4/modules/ldap_authentication/doc/index.html#uid >> >> > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 op=1 UNBIND >> > Nov 30 03:42:24 nethserver slapd[780]: conn=1271 fd=26 closed >> > >> > >> > trytond.conf >> > >> > [ldap_authentication] >> > # The URI to connect to the LDAP server. >> > #uri = ldap://host:port/dn?attributes?scope?filter?extensions >> > # A basic default URL could look like >> > uri = ldap://192.168.2.5:389/cn=libuser,ou=people,dc=directory,dc=nh >> > bind_pass = ***************** >> >> -- >> C?dric Krier - B2CK SPRL >> Email/Jabber: [email protected] >> Tel: +32 472 54 46 59 >> Website: http://www.b2ck.com/ >> -------------- next part -------------- >> A non-text attachment was scrubbed... >> Name: not available >> Type: application/pgp-signature >> Size: 345 bytes >> Desc: not available >> URL: < >> http://lists.gnu.org/archive/html/health-dev/attachments/20151201/278e6ec7/attachment.pgp >> > >> >> ------------------------------ >> >> _______________________________________________ >> Health-dev mailing list >> [email protected] >> https://lists.gnu.org/mailman/listinfo/health-dev >> >> >> End of Health-dev Digest, Vol 53, Issue 1 >> ***************************************** >> > >
