Jean-Francois Nadeau created CLOUDSTACK-10239:
-------------------------------------------------
Summary: User LDAP authentication not working in UI (but works via
API)
Key: CLOUDSTACK-10239
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10239
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server
Affects Versions: 4.11.0.0
Environment: CentOS 7, KVM, MSAD
Reporter: Jean-Francois Nadeau
hi,
I setup LDAP authentication with the microsoft AD ldap provider and get
different behaviors in the UI vs using the API (cs python cli)
Through the UI, I can see the list of our AD users using the "Add ldap
account" action but selecting a user and adding it returns there are no
username by that name:
INFO [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46)
(logid:89c8c538) No LDAP user exists with the username of <user>
Doing the same thing from though CLI works fine:
$ cs ldapCreateAccount username=markp accounttype=1 account=admin
...
{
"account": "admin",
"accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706",
"accounttype": 1,
"created": "2018-01-18T19:21:31+0000",
"domain": "ROOT",
"domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706",
"firstname": "Mark",
"id": "5ed90ce8-5c54-4f72-8579-639947f5c368",
"iscallerchilddomain": false,
"isdefault": false,
"lastname": "p",
"roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706",
"rolename": "Root Admin",
"roletype": "Admin",
"state": "enabled",
"username": "markp",
"usersource": "ldap"
}
Also, once this user is added, he can not login in the UI using his LDAP
credentials with the same error in the ms logs. Then, if i generate keys for
that same admin user, he can use the API without problems.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
