On Sat, 2011-10-01 at 00:43 +0530, jack jack wrote:
> After configuration of LDAP we need create specfic user in the review
> board right?
> 
> I added following entries 
> 
> 
> 
> LDAP host = ldap://nascmroot01:3268 
> 
> BaseDN = dc=xxxxxxware,dc=com 
> 
> 
> Do i need to fill all the information in LDAP setting.
> 
> In the reviewboard log i can see following error message, what is
> going wrong here. How can i increase the debug level of review baord
> error to get more information
> 
> 2011-09-30 09:27:36,742 - WARNING - LDAP error: {'info': '00000000:
> LdapErr: DSID-0C090627, comment: In order to perform this operation a
> successful bind must be completed on the connection., data 0, vece',
> 'desc': 'Operations error'}
> 2011-09-30 09:27:56,909 - WARNING - LDAP error: {'info': '00000000:
> LdapErr: DSID-0C090627, comment: In order to perform this operation a
> successful bind must be completed on the connection., data 0, vece',
> 'desc': 'Operations error'}

This error means that your LDAP server doesn't support anonymous
searches. ReviewBoard's LDAP auth provider lists this in the source:

            if settings.LDAP_ANON_BIND_UID:
                ldapo.simple_bind_s(settings.LDAP_ANON_BIND_UID,
                                    settings.LDAP_ANON_BIND_PASSWD)

It's actually pretty poorly named, since if you're providing a BIND_UID,
you're no longer anonymous. But somehow you need to set these two values
to an authenticated user in LDAP that has privilege to perform searches.

I see 

# A mapping of siteconfig setting names to Django settings.py names.
# This also contains all the djblets-provided mappings as well.
settings_map = {
    'auth_ldap_anon_bind_uid':        'LDAP_ANON_BIND_UID',
    'auth_ldap_anon_bind_passwd':     'LDAP_ANON_BIND_PASSWD',
    ...

in siteconfig.py, which suggests that these options ARE available.

My suspicion here is that the two options:
Anonymous User Mask:
and
Anonymous User Password:

in the LDAP configuration page is what actually sets these, though it is
EXTREMELY confusingly-named. I'll submit a patch to improve this a
little later today.

So in short, you need to set
Anonymous User Mask: uid=username,cn=Accounts,dc=example,dc=com
(substitute a REAL bind DN here)
Anonymous User Password: <password>

This should get you in. You may need to contact your LDAP administrator
to ask what the correct setting should be.


-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to