Excpet for the actual server address, they go like this.  I'm not entirely
sure what kind of LDAP server it is, but I think it's something like Mac OS
X Server 10.6.8.  (I don't run that system.)

LDAP Server: ldap://my.ldap.server
LDAP Base DN: cn=users,dc=ldap,dc=server
Given Name Attribute: givenName
Surname Attribute: sn
Full Name Attribute: cn
E-Mail Domain: <blank>
E-Mail LDAP Attribute: mail
Use TLS for authentication <off>
User Mask: (uid=%s)
Anonymous User Mask: <blank>
Anonymous User Password: <blank>

Ian

On Thu, Nov 10, 2011 at 10:48 PM, Nilesh Jaiswal <nileshj...@gmail.com>wrote:

> Could you get me following details.
>
> Login as admin to your reviewboard.
>
> 1. Click to setting tab.
> 2. Click Authentication tab.
>
> and get me details of the field mentioned then i can help you further.
>
> LDAP Server:
> LDAP Base DN:
> User Mask:
> Anonymous User Mask:
>  etc
>
>
>
> On Fri, Nov 11, 2011 at 11:35 AM, Mail Team <email....@gmail.com> wrote:
>
>> Oh, and I have a clone of the server if there's anything I can do for
>> testing.  My Python skills are somewhere between crappy and nonexistent,
>> but I can follow directions and install whatever crazy stuff on my clone to
>> help.
>>
>> Ian
>>
>>
>> On Thu, Nov 10, 2011 at 9:59 PM, Mail Team <email....@gmail.com> wrote:
>>
>>> Sorry, to answer your question from a few days ago, LDAP logins aren't
>>> currently working at all for me, either from the web UI or from post-review.
>>>
>>> Ian
>>>
>>>
>>> On Thu, Nov 10, 2011 at 2:54 AM, Nilesh Jaiswal <nileshj...@gmail.com>wrote:
>>>
>>>>
>>>> Hi Chris,
>>>>
>>>> The changes are done are as below please find the snippet.
>>>>
>>>> class LDAPBackend(AuthBackend):
>>>>     """Authenticate against a user on an LDAP server."""
>>>>     name = _('LDAP')
>>>>     settings_form = LDAPSettingsForm
>>>>
>>>>     def authenticate(self, username, password):
>>>>         username = username.strip()
>>>>         uid = settings.LDAP_UID_MASK % username
>>>>         logging.info("Start Authenticating username: %s" % username)
>>>>         logging.info("User UID is : %s" % uid)
>>>>         try:
>>>>             import ldap
>>>>             ldapo = ldap.initialize(settings.LDAP_URI)
>>>>             ldapo.set_option(ldap.OPT_REFERRALS, 0)
>>>>             ldapo.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
>>>>             if settings.LDAP_TLS:
>>>>                 ldapo.start_tls_s()
>>>>
>>>>         *    # May need to log in as the anonymous user before
>>>> searching.
>>>>             Filter = '(&(objectClass=*)(sAMAccountName=%s))' % username
>>>>             Attrs=['displayName']
>>>> *
>>>>             if settings.LDAP_ANON_BIND_UID:
>>>>                 ldapo.simple_bind_s(settings.LDAP_ANON_BIND_UID,
>>>>                                     settings.LDAP_ANON_BIND_PASSWD)
>>>>
>>>>            *search = ldapo.search(settings.LDAP_BASE_DN,
>>>> ldap.SCOPE_SUBTREE, Filter, Attrs)*
>>>>
>>>>             if not search:
>>>>                 # no such a user, return early, no need for bind
>>>> attempts
>>>>                 logging.warning("LDAP error: The specified object does
>>>> not "
>>>>                                 "exist in the Directory: %s" %
>>>>                                 uid)
>>>>                 return None
>>>> *            # Adding my code Start
>>>>             search = ldapo.search_s(settings.LDAP_BASE_DN,
>>>> ldap.SCOPE_SUBTREE, Filter)
>>>>             # Adding my code End
>>>> *
>>>>
>>>> Similar changes in
>>>>     def get_or_create_user(self, username):
>>>>
>>>> *                Filter = '(&(objectClass=*)(sAMAccountName=%s))' %
>>>> username
>>>>                 Attrs=['displayName']
>>>> #                passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>>>> #                                        ldap.SCOPE_SUBTREE,
>>>> #                                        settings.LDAP_UID_MASK %
>>>> username)
>>>>                 passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>>>>                                         ldap.SCOPE_SUBTREE, Filter,
>>>> Attrs)
>>>> *            if len(password) == 0:
>>>>                 # Don't try to bind using an empty password; the server
>>>> will
>>>>                 # return success, which doesn't mean we have
>>>> authenticated.
>>>>                 # http://tools.ietf.org/html/rfc4513#section-5.1.2
>>>>                 # http://tools.ietf.org/html/rfc4513#section-6.3.1
>>>>                 logging.warning("Empty password for: %s" % uid)
>>>>                 return None
>>>>
>>>>             ldapo.bind_s(search[0][0], password)
>>>>
>>>>             return self.get_or_create_user(username)
>>>>
>>>>
>>>> After this changes i was able to authenticate using LDAP user from RB
>>>> GUI. This is my customize fix, if you have better fix please let us know.
>>>>
>>>> Regards,
>>>> Nilesh
>>>>
>>>> On Thu, Nov 10, 2011 at 3:52 PM, Christian Hammond <chip...@chipx86.com
>>>> > wrote:
>>>>
>>>>> Can you tell me what change you made? I'd like to get a fix into a
>>>>> release.
>>>>>
>>>>>
>>>>> Christian
>>>>>
>>>>> --
>>>>> Christian Hammond - chip...@chipx86.com
>>>>> Review Board - http://www.reviewboard.org
>>>>> VMware, Inc. - http://www.vmware.com
>>>>>
>>>>>
>>>>> On Wed, Nov 9, 2011 at 11:45 PM, Nilesh Jaiswal 
>>>>> <nileshj...@gmail.com>wrote:
>>>>>
>>>>>> Its seems, you need to make the changes in the backends.py to add the
>>>>>> filter for the LDAP user, I was also facing this issue then i add the
>>>>>> filter and it started working for me
>>>>>>
>>>>>>
>>>>>> On Tue, Nov 8, 2011 at 4:58 AM, Christian Hammond <
>>>>>> chip...@chipx86.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Are you just having trouble with API logins using post-review, or
>>>>>>> the website as well?
>>>>>>>
>>>>>>> There are some issues we haven't yet tracked down specifically with
>>>>>>> LDAP logins with the API. I honestly don't know what's going on there, 
>>>>>>> and
>>>>>>> nobody who has such a setup has been able to debug enough to figure out 
>>>>>>> the
>>>>>>> root cause.
>>>>>>>
>>>>>>> Christian
>>>>>>>
>>>>>>> --
>>>>>>> Christian Hammond - chip...@chipx86.com
>>>>>>> Review Board - http://www.reviewboard.org
>>>>>>> VMware, Inc. - http://www.vmware.com
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Nov 7, 2011 at 2:41 PM, Mail Team <email....@gmail.com>wrote:
>>>>>>>
>>>>>>>> And the server is ReviewBoard 1.6.1 with Django 1.3.1, Djblets
>>>>>>>> 0.6.13, django_evolution 0.6.5.
>>>>>>>>
>>>>>>>> Ian
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sun, Nov 6, 2011 at 1:13 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>
>>>>>>>>> And the client was using Python 2.7 all along.  It was using
>>>>>>>>> RBTools 0.3.3, I tried updating them to 0.3.4 but that didn't make a
>>>>>>>>> difference.
>>>>>>>>>
>>>>>>>>> Ian
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sun, Nov 6, 2011 at 1:12 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>>
>>>>>>>>>> A bit more info:
>>>>>>>>>> My old server used Python 2.6, my new server uses 2.7.
>>>>>>>>>>
>>>>>>>>>> $ post-review --debug -o dummyfile
>>>>>>>>>> >>> RBTools 0.3.4
>>>>>>>>>> >>> Home = /path/to/my/home
>>>>>>>>>> >>> svn info
>>>>>>>>>> >>> diff --version
>>>>>>>>>> >>> repository info: Path: svn+ssh://my.repository/url, Base
>>>>>>>>>> path: /trunk, Supports changesets: False
>>>>>>>>>> >>> svn propget reviewboard:url /path/to/my/working/copy/trunk
>>>>>>>>>> >>> HTTP GETting api/
>>>>>>>>>> >>> HTTP GETting
>>>>>>>>>> http://my.reviewboard.server/codereviews/api/info/
>>>>>>>>>> ==> HTTP Authentication Required
>>>>>>>>>> Enter authorization information for "Web API" at
>>>>>>>>>> mailteam.apple.com
>>>>>>>>>> Username: iana
>>>>>>>>>> Password:
>>>>>>>>>> >>> Got API Error 103 (HTTP code 401): You are not logged in
>>>>>>>>>> >>> Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
>>>>>>>>>> logged in', u'code': 103}}
>>>>>>>>>> Unable to log in with the supplied username and password.
>>>>>>>>>>
>>>>>>>>>> When I use post-review as above, I do get some logs but they're
>>>>>>>>>> not all that helpful to me.
>>>>>>>>>> DEBUG Attempting authentication on API for user iana
>>>>>>>>>> DEBUG API Login failed. No valid user found.
>>>>>>>>>>
>>>>>>>>>> On Sun, Nov 6, 2011 at 1:43 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>>>
>>>>>>>>>>> I moved my Review Board installation to a new server via rb-site
>>>>>>>>>>> manage dumpdata/loaddata which seemed to go fine, but now LDAP 
>>>>>>>>>>> logins don't
>>>>>>>>>>> work.  If I go into the admin interface and click on Logs, there's 
>>>>>>>>>>> nothing.
>>>>>>>>>>>  Any idea how I could debug this? Any silly gotchas that I might be 
>>>>>>>>>>> missing?
>>>>>>>>>>>
>>>>>>>>>>> Ian
>>>>>>>>>>>
>>>>>>>>>>

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to