Re: ReviewBoard LDAP authentication fails.
@Bradley && @Jack jack, did you LDAP configuration work after making your respective changes ? At times, I have noticed that if I leave any field blank in LDAP authentication page then I get a field cannot be empty error on the review board log. This happens even though the field is mentioned as optional. do you face this issue ? @Jack, Shouldn't the anonymous user mask follow the same pattern as in user mask? These parameters in your configuration do not match. I could be wrong but I understood that usermask pattern and the anonymous user mask should pass the same pattern. @Bradley I have not checked the backends.py and why the filters are required ? Is this something like hard coding the values for LDAP filters ? On Dec 7, 4:43 am, jack jack wrote: > I have also faced these issues, while configuring RB with LDAP, which > required me to modify the backends.py to add filters. > > In my case > > user mask: sAMAccountName=%s > Anonymous user mask contains following entries: CN=ldapquery,OU=Service > Accounts,OU=Exception Accounts,DC=na,DC=xxware,DC=com > Supply Anonymous user password. > > > > > > > > On Wed, Dec 7, 2011 at 4:19 AM, Bradley wrote: > > Not sure if this helps, I am using "uid=%s" against OpenLDAP. > > > On Nov 30, 11:46 pm, Dexter wrote: > > > With reviewboard 1.6.3 configured LDAP Authentication. Here is the > > > setting used > > > > > Unchecked "Allowed anonymous read-only accesss" > > > > Authentication Method "LDAP" > > > > LDAP server "ldap://" > > > > LDAP Base DN "" > > > > Given Name attribute "givenName" > > > > Surname attribute "sn" > > > > Full name attribute "displayName" > > > > Email domain - Not set. Left blank > > > > Email LDAP attribute "mail" > > > > Unchecked "Use TLS for Authentication" > > > > User mask "(cn=%s)" > > > > Anon user mask "" > > > > Anon user pass "" > > > > Use case : Login as LDAP user fails. > > > Error message from reviewboard log : > > > 2011-12-01 13:08:19,474 - WARNING - LDAP error: The specified object > > > does not exist in the Directory or provided invalid credentials: > > > (cn=) > > > > The same credentials when tried with Apache Directory Studio (LDAP > > > client) successfully passed. So, there is no authentication failure > > > from LDAP server. > > > > Questions :>> Is the user mask (cn=%s) a LDAP filter which will > > eventually result in FQDN of the user ? > > > > For example, cn=testuser,ou=user,ou=india,dc=example,dc=com is the > > > FQDN for which the user will login as testuser. Is this right ? > > > > >> The error message reported is not clear. Is the Named Object not > > found or was it the authentication failure. Is there any setting to turn > > on for enhanced logging ? > > > > NOTE : > > > This is urgent as the code review data is piling up offline and will > > > become cumbersome to feed data later. > > > -- > > Want to help the Review Board project? Donate today at > >http://www.reviewboard.org/donate/ > > Happy user? Let us know athttp://www.reviewboard.org/users/ > > -~--~~~~--~~--~--~--- > > To unsubscribe from this group, send email to > > reviewboard+unsubscr...@googlegroups.com > > For more options, visit this group at > >http://groups.google.com/group/reviewboard?hl=en -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: ReviewBoard LDAP authentication fails.
I have also faced these issues, while configuring RB with LDAP, which required me to modify the backends.py to add filters. In my case user mask: sAMAccountName=%s Anonymous user mask contains following entries: CN=ldapquery,OU=Service Accounts,OU=Exception Accounts,DC=na,DC=xxware,DC=com Supply Anonymous user password. On Wed, Dec 7, 2011 at 4:19 AM, Bradley wrote: > Not sure if this helps, I am using "uid=%s" against OpenLDAP. > > On Nov 30, 11:46 pm, Dexter wrote: > > With reviewboard 1.6.3 configured LDAP Authentication. Here is the > > setting used > > > > > Unchecked "Allowed anonymous read-only accesss" > > > Authentication Method "LDAP" > > > LDAP server "ldap://" > > > LDAP Base DN "" > > > Given Name attribute "givenName" > > > Surname attribute "sn" > > > Full name attribute "displayName" > > > Email domain - Not set. Left blank > > > Email LDAP attribute "mail" > > > Unchecked "Use TLS for Authentication" > > > User mask "(cn=%s)" > > > Anon user mask "" > > > Anon user pass "" > > > > Use case : Login as LDAP user fails. > > Error message from reviewboard log : > > 2011-12-01 13:08:19,474 - WARNING - LDAP error: The specified object > > does not exist in the Directory or provided invalid credentials: > > (cn=) > > > > The same credentials when tried with Apache Directory Studio (LDAP > > client) successfully passed. So, there is no authentication failure > > from LDAP server. > > > > Questions :>> Is the user mask (cn=%s) a LDAP filter which will > eventually result in FQDN of the user ? > > > > For example, cn=testuser,ou=user,ou=india,dc=example,dc=com is the > > FQDN for which the user will login as testuser. Is this right ? > > > > >> The error message reported is not clear. Is the Named Object not > found or was it the authentication failure. Is there any setting to turn > on for enhanced logging ? > > > > NOTE : > > This is urgent as the code review data is piling up offline and will > > become cumbersome to feed data later. > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: ReviewBoard LDAP authentication fails.
Not sure if this helps, I am using "uid=%s" against OpenLDAP. On Nov 30, 11:46 pm, Dexter wrote: > With reviewboard 1.6.3 configured LDAP Authentication. Here is the > setting used > > > Unchecked "Allowed anonymous read-only accesss" > > Authentication Method "LDAP" > > LDAP server "ldap://" > > LDAP Base DN "" > > Given Name attribute "givenName" > > Surname attribute "sn" > > Full name attribute "displayName" > > Email domain - Not set. Left blank > > Email LDAP attribute "mail" > > Unchecked "Use TLS for Authentication" > > User mask "(cn=%s)" > > Anon user mask "" > > Anon user pass "" > > Use case : Login as LDAP user fails. > Error message from reviewboard log : > 2011-12-01 13:08:19,474 - WARNING - LDAP error: The specified object > does not exist in the Directory or provided invalid credentials: > (cn=) > > The same credentials when tried with Apache Directory Studio (LDAP > client) successfully passed. So, there is no authentication failure > from LDAP server. > > Questions :>> Is the user mask (cn=%s) a LDAP filter which will eventually > result in FQDN of the user ? > > For example, cn=testuser,ou=user,ou=india,dc=example,dc=com is the > FQDN for which the user will login as testuser. Is this right ? > > >> The error message reported is not clear. Is the Named Object not found or > >> was it the authentication failure. Is there any setting to turn on for > >> enhanced logging ? > > NOTE : > This is urgent as the code review data is piling up offline and will > become cumbersome to feed data later. -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en