do you have server log? /etc/httpd/logs/error.log

On Fri, Nov 11, 2011 at 12:39 PM, Mail Team <email....@gmail.com> wrote:

> Excpet for the actual server address, they go like this.  I'm not entirely
> sure what kind of LDAP server it is, but I think it's something like Mac OS
> X Server 10.6.8.  (I don't run that system.)
>
> LDAP Server: ldap://my.ldap.server
> LDAP Base DN: cn=users,dc=ldap,dc=server
> Given Name Attribute: givenName
> Surname Attribute: sn
> Full Name Attribute: cn
> E-Mail Domain: <blank>
> E-Mail LDAP Attribute: mail
> Use TLS for authentication <off>
> User Mask: (uid=%s)
> Anonymous User Mask: <blank>
> Anonymous User Password: <blank>
>
> Ian
>
>
> On Thu, Nov 10, 2011 at 10:48 PM, Nilesh Jaiswal <nileshj...@gmail.com>wrote:
>
>> Could you get me following details.
>>
>> Login as admin to your reviewboard.
>>
>> 1. Click to setting tab.
>> 2. Click Authentication tab.
>>
>> and get me details of the field mentioned then i can help you further.
>>
>> LDAP Server:
>> LDAP Base DN:
>> User Mask:
>> Anonymous User Mask:
>>  etc
>>
>>
>>
>> On Fri, Nov 11, 2011 at 11:35 AM, Mail Team <email....@gmail.com> wrote:
>>
>>> Oh, and I have a clone of the server if there's anything I can do for
>>> testing.  My Python skills are somewhere between crappy and nonexistent,
>>> but I can follow directions and install whatever crazy stuff on my clone to
>>> help.
>>>
>>> Ian
>>>
>>>
>>> On Thu, Nov 10, 2011 at 9:59 PM, Mail Team <email....@gmail.com> wrote:
>>>
>>>> Sorry, to answer your question from a few days ago, LDAP logins aren't
>>>> currently working at all for me, either from the web UI or from 
>>>> post-review.
>>>>
>>>> Ian
>>>>
>>>>
>>>> On Thu, Nov 10, 2011 at 2:54 AM, Nilesh Jaiswal 
>>>> <nileshj...@gmail.com>wrote:
>>>>
>>>>>
>>>>> Hi Chris,
>>>>>
>>>>> The changes are done are as below please find the snippet.
>>>>>
>>>>> class LDAPBackend(AuthBackend):
>>>>>     """Authenticate against a user on an LDAP server."""
>>>>>     name = _('LDAP')
>>>>>     settings_form = LDAPSettingsForm
>>>>>
>>>>>     def authenticate(self, username, password):
>>>>>         username = username.strip()
>>>>>         uid = settings.LDAP_UID_MASK % username
>>>>>         logging.info("Start Authenticating username: %s" % username)
>>>>>         logging.info("User UID is : %s" % uid)
>>>>>         try:
>>>>>             import ldap
>>>>>             ldapo = ldap.initialize(settings.LDAP_URI)
>>>>>             ldapo.set_option(ldap.OPT_REFERRALS, 0)
>>>>>             ldapo.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
>>>>>             if settings.LDAP_TLS:
>>>>>                 ldapo.start_tls_s()
>>>>>
>>>>>         *    # May need to log in as the anonymous user before
>>>>> searching.
>>>>>             Filter = '(&(objectClass=*)(sAMAccountName=%s))' % username
>>>>>             Attrs=['displayName']
>>>>> *
>>>>>             if settings.LDAP_ANON_BIND_UID:
>>>>>                 ldapo.simple_bind_s(settings.LDAP_ANON_BIND_UID,
>>>>>                                     settings.LDAP_ANON_BIND_PASSWD)
>>>>>
>>>>>            *search = ldapo.search(settings.LDAP_BASE_DN,
>>>>> ldap.SCOPE_SUBTREE, Filter, Attrs)*
>>>>>
>>>>>             if not search:
>>>>>                 # no such a user, return early, no need for bind
>>>>> attempts
>>>>>                 logging.warning("LDAP error: The specified object does
>>>>> not "
>>>>>                                 "exist in the Directory: %s" %
>>>>>                                 uid)
>>>>>                 return None
>>>>> *            # Adding my code Start
>>>>>             search = ldapo.search_s(settings.LDAP_BASE_DN,
>>>>> ldap.SCOPE_SUBTREE, Filter)
>>>>>             # Adding my code End
>>>>> *
>>>>>
>>>>> Similar changes in
>>>>>     def get_or_create_user(self, username):
>>>>>
>>>>> *                Filter = '(&(objectClass=*)(sAMAccountName=%s))' %
>>>>> username
>>>>>                 Attrs=['displayName']
>>>>> #                passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>>>>> #                                        ldap.SCOPE_SUBTREE,
>>>>> #                                        settings.LDAP_UID_MASK %
>>>>> username)
>>>>>                 passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>>>>>                                         ldap.SCOPE_SUBTREE, Filter,
>>>>> Attrs)
>>>>> *            if len(password) == 0:
>>>>>                 # Don't try to bind using an empty password; the
>>>>> server will
>>>>>                 # return success, which doesn't mean we have
>>>>> authenticated.
>>>>>                 # http://tools.ietf.org/html/rfc4513#section-5.1.2
>>>>>                 # http://tools.ietf.org/html/rfc4513#section-6.3.1
>>>>>                 logging.warning("Empty password for: %s" % uid)
>>>>>                 return None
>>>>>
>>>>>             ldapo.bind_s(search[0][0], password)
>>>>>
>>>>>             return self.get_or_create_user(username)
>>>>>
>>>>>
>>>>> After this changes i was able to authenticate using LDAP user from RB
>>>>> GUI. This is my customize fix, if you have better fix please let us know.
>>>>>
>>>>> Regards,
>>>>> Nilesh
>>>>>
>>>>> On Thu, Nov 10, 2011 at 3:52 PM, Christian Hammond <
>>>>> chip...@chipx86.com> wrote:
>>>>>
>>>>>> Can you tell me what change you made? I'd like to get a fix into a
>>>>>> release.
>>>>>>
>>>>>>
>>>>>> Christian
>>>>>>
>>>>>> --
>>>>>> Christian Hammond - chip...@chipx86.com
>>>>>> Review Board - http://www.reviewboard.org
>>>>>> VMware, Inc. - http://www.vmware.com
>>>>>>
>>>>>>
>>>>>> On Wed, Nov 9, 2011 at 11:45 PM, Nilesh Jaiswal <nileshj...@gmail.com
>>>>>> > wrote:
>>>>>>
>>>>>>> Its seems, you need to make the changes in the backends.py to add
>>>>>>> the filter for the LDAP user, I was also facing this issue then i add 
>>>>>>> the
>>>>>>> filter and it started working for me
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Nov 8, 2011 at 4:58 AM, Christian Hammond <
>>>>>>> chip...@chipx86.com> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Are you just having trouble with API logins using post-review, or
>>>>>>>> the website as well?
>>>>>>>>
>>>>>>>> There are some issues we haven't yet tracked down specifically with
>>>>>>>> LDAP logins with the API. I honestly don't know what's going on there, 
>>>>>>>> and
>>>>>>>> nobody who has such a setup has been able to debug enough to figure 
>>>>>>>> out the
>>>>>>>> root cause.
>>>>>>>>
>>>>>>>> Christian
>>>>>>>>
>>>>>>>> --
>>>>>>>> Christian Hammond - chip...@chipx86.com
>>>>>>>> Review Board - http://www.reviewboard.org
>>>>>>>> VMware, Inc. - http://www.vmware.com
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Nov 7, 2011 at 2:41 PM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>
>>>>>>>>> And the server is ReviewBoard 1.6.1 with Django 1.3.1, Djblets
>>>>>>>>> 0.6.13, django_evolution 0.6.5.
>>>>>>>>>
>>>>>>>>> Ian
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sun, Nov 6, 2011 at 1:13 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>>
>>>>>>>>>> And the client was using Python 2.7 all along.  It was using
>>>>>>>>>> RBTools 0.3.3, I tried updating them to 0.3.4 but that didn't make a
>>>>>>>>>> difference.
>>>>>>>>>>
>>>>>>>>>> Ian
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sun, Nov 6, 2011 at 1:12 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>>>
>>>>>>>>>>> A bit more info:
>>>>>>>>>>> My old server used Python 2.6, my new server uses 2.7.
>>>>>>>>>>>
>>>>>>>>>>> $ post-review --debug -o dummyfile
>>>>>>>>>>> >>> RBTools 0.3.4
>>>>>>>>>>> >>> Home = /path/to/my/home
>>>>>>>>>>> >>> svn info
>>>>>>>>>>> >>> diff --version
>>>>>>>>>>> >>> repository info: Path: svn+ssh://my.repository/url, Base
>>>>>>>>>>> path: /trunk, Supports changesets: False
>>>>>>>>>>> >>> svn propget reviewboard:url /path/to/my/working/copy/trunk
>>>>>>>>>>> >>> HTTP GETting api/
>>>>>>>>>>> >>> HTTP GETting
>>>>>>>>>>> http://my.reviewboard.server/codereviews/api/info/
>>>>>>>>>>> ==> HTTP Authentication Required
>>>>>>>>>>> Enter authorization information for "Web API" at
>>>>>>>>>>> mailteam.apple.com
>>>>>>>>>>> Username: iana
>>>>>>>>>>> Password:
>>>>>>>>>>> >>> Got API Error 103 (HTTP code 401): You are not logged in
>>>>>>>>>>> >>> Error data: {u'stat': u'fail', u'err': {u'msg': u'You are
>>>>>>>>>>> not logged in', u'code': 103}}
>>>>>>>>>>> Unable to log in with the supplied username and password.
>>>>>>>>>>>
>>>>>>>>>>> When I use post-review as above, I do get some logs but they're
>>>>>>>>>>> not all that helpful to me.
>>>>>>>>>>> DEBUG Attempting authentication on API for user iana
>>>>>>>>>>> DEBUG API Login failed. No valid user found.
>>>>>>>>>>>
>>>>>>>>>>> On Sun, Nov 6, 2011 at 1:43 AM, Mail Team 
>>>>>>>>>>> <email....@gmail.com>wrote:
>>>>>>>>>>>
>>>>>>>>>>>> I moved my Review Board installation to a new server via
>>>>>>>>>>>> rb-site manage dumpdata/loaddata which seemed to go fine, but now 
>>>>>>>>>>>> LDAP
>>>>>>>>>>>> logins don't work.  If I go into the admin interface and click on 
>>>>>>>>>>>> Logs,
>>>>>>>>>>>> there's nothing.  Any idea how I could debug this? Any silly 
>>>>>>>>>>>> gotchas that I
>>>>>>>>>>>> might be missing?
>>>>>>>>>>>>
>>>>>>>>>>>> Ian
>>>>>>>>>>>>
>>>>>>>>>>>  --
> Want to help the Review Board project? Donate today at
> http://www.reviewboard.org/donate/
> Happy user? Let us know at http://www.reviewboard.org/users/
> -~----------~----~----~----~------~----~------~--~---
> To unsubscribe from this group, send email to
> reviewboard+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/reviewboard?hl=en
>

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to