[jira] [Commented] (CLOUDSTACK-10239) User LDAP authentication not working in UI (but works via API)

Wed, 24 Jan 2018 03:38:26 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16337438#comment-16337438
 ] 

Daan Hoogland commented on CLOUDSTACK-10239:
--------------------------------------------

[~jean-francois.nadeau] can you share relevant logs and preferably stack traces?

> User LDAP authentication not working in UI (but works via API)
> --------------------------------------------------------------
>
>                 Key: CLOUDSTACK-10239
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10239
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Management Server
>    Affects Versions: 4.11.0.0
>         Environment: CentOS 7, KVM, MSAD
>            Reporter: Jean-Francois Nadeau
>            Assignee: Daan Hoogland
>            Priority: Major
>
> hi,
> I setup LDAP authentication with the microsoft AD ldap provider and get 
> different behaviors in the UI vs using the API (cs python cli)
> Through the UI,  I can see the list of our AD users using the "Add ldap 
> account" action but selecting a user and adding it returns there are no 
> username by that name:
> INFO  [c.c.a.ApiServer] (qtp510113906-20:ctx-e32d5ff4 ctx-c3c50b46) 
> (logid:89c8c538) No LDAP user exists with the username of <user>
>  
> Doing the same thing from though CLI works fine:
> $ cs ldapCreateAccount username=markp accounttype=1 account=admin
>  ...
> {
>  "account": "admin", 
>  "accountid": "0683fdb0-fbae-11e7-9574-96a9f76bb706", 
>  "accounttype": 1, 
>  "created": "2018-01-18T19:21:31+0000", 
>  "domain": "ROOT", 
>  "domainid": "d9bbe213-fbad-11e7-9574-96a9f76bb706", 
> "firstname": "Mark", 
>  "id": "5ed90ce8-5c54-4f72-8579-639947f5c368", 
>  "iscallerchilddomain": false, 
>  "isdefault": false, 
>  "lastname": "p", 
>  "roleid": "f8a368af-fbad-11e7-9574-96a9f76bb706", 
>  "rolename": "Root Admin", 
>  "roletype": "Admin", 
>  "state": "enabled", 
>  "username": "markp", 
>  "usersource": "ldap"
>  }
>  
> Also,  once this user is added,  he can not login in the UI using his LDAP 
> credentials with the same error in the ms logs.  Then,  if i generate keys 
> for that same admin user,  he can use the API without problems.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to