Project

General

Profile

Bug #2098

LDAP (AD) not working after 1.0.1 to 1.1RC1 Uprgade

Added by Josh Baird over 9 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

LDAP worked successfully in 1.0.1 and broke after an upgrade to 1.1RC1. The debug log shows:

Started POST "/users/login" for 172.29.74.189 at Thu Jan 03 09:03:49 -0600 2013
Processing by UsersController#login as HTML
Parameters: {"utf8"=>"â", "commit"=>"Login »", "authenticity_token"=>"aXBshxH56isuxV0N1g2WxN6QSdbcT8mo8Dt0LHuL2lk=", "login"=>{"password"=>"[FILTERED]", "login"=>"jbaird"}}
Setting current user thread-local variable to nil
User Load (0.2ms) SELECT `users`.* FROM `users` WHERE `users`.`login` = 'jbaird' LIMIT 1
AuthSource Load (0.2ms) SELECT `auth_sources`.* FROM `auth_sources` WHERE `auth_sources`.`id` = 2 LIMIT 1
LDAP-Auth with User na\svcforeman
Search Result: 0
Search Message: Success
no DN
Failed to authenticate Josh Baird against LDAP-NA authentication source
invalid user
Setting current user thread-local variable to nil
Redirected to http://foreman.corp.domain.com/users/login
Completed 302 Found in 27ms

na\svcforeman has access to read and search the LDAP directory. A TCPDUMP shows a successful query/lookup:

LDAPMessage searchResDone(2) success [1 result]
searchResEntry(2) "CN=Baird\, Josh,OU=CRP,OU=People,DC=na,DC=domain,DC=lan"

However, the log is showsing "Search Result: 0"

Associated revisions

Revision 6367839a (diff)
Added by Ohad Levy over 9 years ago

fixes #2098 - ldap auth when using a different account for authentication was broken

History

#1 Updated by Ohad Levy over 9 years ago

  • Category set to Authentication
  • Assignee set to Ohad Levy
  • Target version set to 1.1

#2 Updated by Ohad Levy over 9 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF