1) Please try use Your data "exactly" in some other tool. I prefere
Apache Directory Studio (http://directory.apache.org/studio/). Just
use this same informations to connect with Your LDAP server
2) Maybe LDAP base dn need more specific place to start searching. Try
to be more specific e.g. ou=OrgUnit,dc=example,dc=com
3) User mask: I use sAMAccountName as You said. If I remember well I
also don't have (&()()) just &()() (but for now I'm not sure). I know
outer bracket is necessery but not in that case. Another thing. Isn't
LDAP case sensitive? Should be "objectClass" ?
4) Try use this filter (replacing %s by Your username) and use as
filter search in Apache Directory Studio
5) Try change format of UserMask to j...@orgunit.example.com

The most important thing is 2) and if doesn't work 3) and 5). After
that just try sniffing arround using Apache Directory Studio and just
be careful about the details.

On Thu, Feb 3, 2011 at 1:29 AM, Christian Hammond <chip...@chipx86.com> wrote:
> I'd be happy for someone with more knowledge and expertise with LDAP to step
> up and help get our LDAP configuration settings under control, provide
> better names, maybe some docs. Anyone want to help with that?
>
> Christian
>
> --
> Christian Hammond - chip...@chipx86.com
> Review Board - http://www.reviewboard.org
> VMware, Inc. - http://www.vmware.com
>
>
> On Fri, Jan 28, 2011 at 8:43 AM, Rob <rrom...@gmail.com> wrote:
>>
>> I struggled a bit to make it work too, but here's what I finally used.
>> I am running ReviewBoard on CentOS 5.2 under Apache/mod_python/Python
>> 2.5.1/linux64.  (The Python ldap module, linking to openldap libs I
>> believe, is responsible for the actual connection.)
>>
>>
>>
>> LDAP server: ldap://serverhostname.example.com:389
>> LDAP base DN: dc=example,dc=com
>> E-Mail Domain: <leave blank>
>> E-mail LDAP attribute: mail
>> Left "Use TLS" unchecked
>> User Mask: (&(objectclass=User) (mailNickname=%s))
>>   - in our case, mailNickname is always the account name. I think
>> 'sAMAccountName' is commonplace too. Basically extracts just the
>> userid of the record.
>>
>> Our server requires a user to bind & connect first, before doing the
>> query. This is what "Anonymous User Mask" refers to (hint to RB
>> authors: try renaming this field to something else?)
>> For example, if 'jdoe' is the user I want to use for all lookups, on
>> OU OrgUnit, you would put in:
>>
>> Anonymous User Mask: cn=jdoe,ou=OrgUnit,dc=example,dc=com
>> Anonymous Password: ******
>>  -- just the password
>>
>>
>>
>> On Jan 28, 2:47 am, David <courn...@gmail.com> wrote:
>> > Hi,
>> >
>> > I am trying to get reviewboard authentificate through our LDAP
>> > infrastructure, but I cannot make it work (got "the specified object
>> > does not exist").
>> >
>> > I don't know much about LDAP unfortunately, so I am not sure where the
>> > error lies. We got trac connecting to LDAP, but at the apache level,
>> > as followed:
>> >
>> >   AuthName "Company Name"
>> >   AuthLDAPURL "ldap://x.x.x.x:389/ou=people,dc=x,dc=y,dc=z";
>> >   AuthLDAPBindDN "cn=admin,dc=x,dc=y,dc=z"
>> >   AuthLDAPBindPassword xxxxxxxxxxxxxx
>> >
>> > FWIW, I could not make it work using the python ldap library either:
>> >
>> >   l = ldap.open("x.x.x.x:389")
>> >   username = "cn=admin,dc=x,dc=y,dc=z"
>> >   password = "xxxxxxxxx"
>> >
>> >   l.simple_bind(username, password) # fails with (2, 'No such file or
>> > directory')
>>
>> --
>> Want to help the Review Board project? Donate today at
>> http://www.reviewboard.org/donate/
>> Happy user? Let us know at http://www.reviewboard.org/users/
>> -~----------~----~----~----~------~----~------~--~---
>> To unsubscribe from this group, send email to
>> reviewboard+unsubscr...@googlegroups.com
>> For more options, visit this group at
>> http://groups.google.com/group/reviewboard?hl=en
>
> --
> Want to help the Review Board project? Donate today at
> http://www.reviewboard.org/donate/
> Happy user? Let us know at http://www.reviewboard.org/users/
> -~----------~----~----~----~------~----~------~--~---
> To unsubscribe from this group, send email to
> reviewboard+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/reviewboard?hl=en



-- 
><> Jan Koprowski

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to