Not sure if this helps, I am using "uid=%s" against OpenLDAP.

On Nov 30, 11:46 pm, Dexter <dexter2...@gmail.com> wrote:
> With reviewboard 1.6.3 configured LDAP Authentication.  Here is the
> setting used
>
> > Unchecked  "Allowed anonymous read-only accesss"
> > Authentication Method "LDAP"
> > LDAP server "ldap://<hidden>"
> > LDAP Base DN "<hidden>"
> > Given Name attribute "givenName"
> > Surname attribute "sn"
> > Full name attribute "displayName"
> > Email domain - Not set. Left blank
> > Email LDAP attribute "mail"
> > Unchecked "Use TLS for Authentication"
> > User mask "(cn=%s)"
> > Anon user mask "<hidden>"
> > Anon user pass "<hidden>"
>
> Use case : Login as LDAP user fails.
> Error message from reviewboard log :
> 2011-12-01 13:08:19,474 - WARNING - LDAP error: The specified object
> does not exist in the Directory or provided invalid credentials:
> (cn=<username_hidden>)
>
> The same credentials when tried with Apache Directory Studio (LDAP
> client) successfully passed. So, there is no authentication failure
> from LDAP server.
>
> Questions :>> Is the user mask (cn=%s) a LDAP filter which will eventually 
> result in FQDN of the user ?
>
> For example, cn=testuser,ou=user,ou=india,dc=example,dc=com is the
> FQDN for which the user will login as testuser.  Is this right ?
>
> >> The error message reported is not clear.  Is the Named Object not found or 
> >> was it the authentication failure.  Is there any setting to turn on for 
> >> enhanced logging ?
>
> NOTE :
> This is urgent as the code review data is piling up offline and will
> become cumbersome to feed data later.

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to