Hi Jason,
Take a look at this previous post
<https://groups.google.com/forum/#!topic/scalr-discuss/0Flk5BpV43I> where a
user encountered similar issues. You may need to change your :bind_type =>
'simple', and may want to switch on debugging so that you get better error
messages. The *You don't have access to any account *errors likely
indicate that you need to use your admin account to attach your AD groups
to Environments. You will do this from the Environments page. Keep in
mind, Scalr does not download or sync LDAP groups or users. Groups are
queried when an LDAP user authenticates and are then matched to previously
created groups within Scalr.
Many thanks,
Wm. Marc O'Brien
Scalr Technical Support
On Thursday, July 28, 2016 at 9:47:17 AM UTC-6, Jason Beard wrote:
>
> It's something to do with Groups. When I go into environments and add LDAP
> groups it can;t find them. I know it can pull my groups from my account.
>
> On Thursday, July 28, 2016 at 7:21:57 AM UTC-5, Jason Beard wrote:
>>
>> I'm attempting to get the LDAP configuration to work. This is for LDAP
>> with Active Directory. For the record I'm not an AD guy, I know what it is
>> and what it does but have a little knowledge of how it works. I've learned
>> some basic stuff over the last couple of days.
>>
>> I can get it to do lookups on the login page but I get the "You don't
>> have access to any account" error. From my understanding I need to add uses
>> to Teams and then Environments. But when I go into teams I don't see any
>> users and I'm using my AD account that I added into the accounts page. When
>> I go into environments and try to add my particular AD group it can't find
>> it.
>>
>>
>> Here's my config. (I had to blank out some things for security.)
>> I use a service account to do lookups and I know the service account is
>> active. I've changed a lot of settings over and over again but have come up
>> empty.
>>
>> app[:configuration] = {
>> :scalr => {
>> # Tells Scalr to use LDAP for authentication
>> :auth_mode => 'ldap',
>>
>> :connections => {
>> :ldap => {
>> # Tells Scalr what LDAP server to connect to
>> :debug => 'true',
>> :bind_type => 'regular',
>> :host => 'ldap://ldap.foo.local',
>> :port => '389',
>> :user => 'CN=myaccount,OU=Service
>> Accounts,OU=service,DC=fcoo,DC=local',
>> :pass => 'password',
>>
>> # Tells Scalr where to look at for users and groups
>> :base_dn => 'DC=foo,DC=local',
>> :base_dn_groups => 'DC=foo,DC=local',
>>
>> # Tells Scalr what attributes to look at
>> :username_attribute => 'sAMAccountName',
>> :groupname_attribute => 'memberOf',
>>
>> # Tells Scalr how group membership is represented
>> :group_member_attribute_type => 'memberOf',
>>
>> # Tells Scalr to use filters to speed up queries
>> :filter => {
>> :users => '(&(objectClass=user))',
>> :groups => '(&(objectClass=group))',
>> },
>>
>> # Uncomment for debug output if you can't login
>> # :debug => 1,
>> }
>> }
>> }
>> }
>>
>> # This will be injected into your ldap.conf
>> #app[:ldap_configuration] = '
>> #TLS_CACERT /etc/ssl/ca-cert.pem
>>
>>
>>
>>
>>
--
You received this message because you are subscribed to the Google Groups
"scalr-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
