Bug #7066
closed
Unable to bind with DOMAIN\$login any longer
Description
When setting the bind account to DOMAIN/$login as the manual suggests for the 1.5 release, it doesn't look like we are translating it any longer into the actual user when logging in.
The log has the following when trying to log in:
Error during authentication: Could not bind to ActiveDirectory user GCITECH\$login
invalid user
I believe in 1.5.2 this error would be the actual user. When looking at the new code, there is nothing about the $login value as there was in the old code. Since I don't have logins working yet with any config, this is all speculation.
Updated by Dominic Cleal over 9 years ago
- Category set to Authentication
- Target version set to 1.7.5
- translation missing: en.field_release set to 10
Updated by Leah Fisher over 9 years ago
- Related to Bug #7003: Unable to connect to AD through ldap login module added
Updated by Leah Fisher over 9 years ago
I am able to log in with some changes to the code. Besides having to hardcode the bind user, I needed to update the code to also have the login connect with the domain.
So I did the following:
Account Name: Domain/foreman
Account Password: foreman
Edit line 50 of app/models/auth_sources/auth_source_ldap.rb to:
unless ldap_con.authenticate?("Domain\\#{login}", password)
Updated by Dominic Cleal over 9 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
- Target version changed from 1.7.5 to 1.7.4
Updated by The Foreman Bot over 9 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/1709 added
- Pull request deleted (
)
Updated by Dominic Cleal over 9 years ago
http://koji.katello.org/koji/taskinfo?taskID=143822 (noarch.rpm) has the ldap_fluff part of the patch (and all other open issues).
Updated by Dominic Cleal over 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 597bd2fb68a48d37e7f6f150e0edc64a9772668c.