Bug 1117919
Summary: | LDAP connection test fails to verify Base DN | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] JBoss BRMS Platform 6 | Reporter: | Tomas Livora <tlivora> | ||||||
Component: | Installer | Assignee: | Miroslav Sochurek <msochure> | ||||||
Status: | CLOSED EOL | QA Contact: | Dominik Hanak <dhanak> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 6.0.2 | CC: | kverlaen | ||||||
Target Milestone: | DR4 | ||||||||
Target Release: | 6.1.0 | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2020-03-27 20:04:00 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Tomas Livora
2014-07-09 15:59:49 UTC
Hello, I've tried this and was able to reproduce. Our check searches the Base DN for entries and if there are no entries we warn the user that we cannot verify the Base DN (entriesReturned=0). Perhaps this warning is incorrect, but we are not sure of the use case of having an empty Base DN. Created attachment 922155 [details]
LDIF file
Miles, the warning message is shown even if there are some entries in the directory server. I think this is a problem with the filter. The one entered by a user on LDAP Configuration page should be used. Or maybe the best option would be not to use any filter at all if it is possible.
Thank you for providing the LDIF files. I've updated the way the ldap validator should search for the basedn, and it should now be able to verify the basedn from UnBoundID. https://code.engineering.redhat.com/gerrit/gitweb?p=installer-commons.git;a=commitdiff;h=b4b612d244d057b2bd08834a40a45c44ced8ae77 This doesn't seem to be working correctly for me in the latest builds. Tom, I have just tried it and the connection test works in both (BPMS and BRMS) installers of version 6.1.0 DR3. I have also added a test for this to our test suite and the connection test itself passes. However, the whole test fails because of another bug 1147939. http://git.app.eng.bos.redhat.com/git/jbossqe-installer.git/commit/?id=559ca1f8aadfa7ba4917c823fd332cc95ece0792 I was testing using the .ldif from here: https://mojo.redhat.com/docs/DOC-977872 The current installer reported that the Base DN couldn't be verified when using the following settings: Base DN: ou=People,dc=jboss,dc=org Filter type: Username Attribute Username Filter: uid Recursive: No As I see it, this should pass validation. Am I incorrect here? Regardless, I have implemented a more robust check which passes our existing tests and also passes the situation above :) 1147939 is resolved for future builds. Tom, you are right. I have only tested the base DN of the LDAP server but in this specific case base DN means user context. So this issue is not fixed in DR3. Thank you for pointing that out. The new check should work on many more situations. It takes into account the filter and the recursive search fields correctly as well. Thomas, it was a very good idea to distinguish between testing user search and testing the connection itself. Verified on BPMS & BRMS 6.1.0 DR4 |