Hey everyone, I do work on adding ldap to CS 4.15 through CLI but there is something I do not understand. From this guide -> http://docs.cloudstack.apache.org/en/4.15.0.0/adminguide/accounts.html#using-an-ldap-server-for-user-authentication I do try to configure option 3 - autosync of user groups.
The actual mapping is done through this commands: - cloudmonkey -d json ldap createaccount account='juniors' accounttype=0 domainid=$MAPPEDDOMAIN1 username=bystander - cloudmonkey -d json link accounttoldap account='juniors' accounttype=0 domainid=$MAPPEDDOMAIN1 ldapdomain='cn=AcsJuniorAdmins,ou=AcsGroups,dc=cloudstack,dc=apache,dc=org' type=GROUP Here is the commands I use - cloudmonkey -d json ldap createaccount account='DEVTEST' accounttype=0 domainid=$DomainID username=testuser After this one I do get the following error: - from command line: "No LDAP user exists with the username of test" - from logs - ldap Exception: javax.naming.ConfigurationException: java.naming.provider.url property does not contain a URL Does the command require the username variable to exist ? Example from the guide states username as "bystander" which does not look so. Also as the group is mapped to account why a user is required anyway? Best regards, Jordan -----Original Message----- From: Yordan Kostov <yord...@nsogroup.com> Sent: Thursday, May 13, 2021 4:18 PM To: users@cloudstack.apache.org Subject: RE: alternative Active directory config? [X] This message came from outside your organization Thank you Nicolas, I am on it! Regards, Jordan -----Original Message----- From: Nicolas Vazquez <nicolas.vazq...@shapeblue.com> Sent: Thursday, May 13, 2021 4:15 PM To: users@cloudstack.apache.org Subject: Re: alternative Active directory config? [X] This message came from outside your organization Hi Yordan, Indeed, that seems missing in the new UI, but you can still configure LDAP accounts through the API. For example by installing CloudMonkey https://urldefense.com/v3/__https://github.com/apache/cloudstack-cloudmonkey/wiki__;!!A6UyJA!w6Ptc3kG-4H7zG-etFeeNifc1DkoXDAMu2xMQLZFJgzfr6Pk99Pb8rgkr2qcj8VBrjGnboOeba1i$ you could invoke the ldapCreateAccount API Regards, Nicolas Vazquez ________________________________ From: Yordan Kostov <yord...@nsogroup.com> Sent: Thursday, May 13, 2021 9:58 AM To: users@cloudstack.apache.org <users@cloudstack.apache.org> Subject: alternative Active directory config? Hey everyone, In 4.15 it seems there is no LDAP config button in the new GUI or the old GUI, so after LDAP sources are pointed and global config is set there is no way to actually pin groups to accounts. * New https://urldefense.com/v3/__https://imgur.com/K4fN2Ax__;!!A6UyJA!w6Ptc3kG-4H7zG-etFeeNifc1DkoXDAMu2xMQLZFJgzfr6Pk99Pb8rgkr2qcj8VBrjGnbqAf6Nl2$ * Old https://urldefense.com/v3/__https://imgur.com/WuAvq4N__;!!A6UyJA!w6Ptc3kG-4H7zG-etFeeNifc1DkoXDAMu2xMQLZFJgzfr6Pk99Pb8rgkr2qcj8VBrjGnbnSRMfiQ$ I was wondering if there is an alternative way to configure LDAP accounts? Best regards, Jordan <font size="2"><font color="#D8D8D8">11!</font>