| Summary: | Customer reports unable to find user in LDAP after trying several different forms of LDAP specifications | ||
|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Thomas Hennessy <thenness> |
| Component: | Security | Assignee: | Chris Pelland <cpelland> |
| Status: | CLOSED NOTABUG | QA Contact: | Dave Johnson <dajohnso> |
| Severity: | urgent | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.5.0 | CC: | carnott, fahmed, gtanzill, jdeubel, jhardy, jocarter, jprause, kseifried, myoder, obarenbo |
| Target Milestone: | GA | ||
| Target Release: | 5.7.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-08-30 18:53:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Attachments: | |||
Created attachment 1195548 [details]
merged production.log and evm.log from the UI worker that experienced all of the LDAP issues
Created attachment 1195549 [details]
vmdb.yml.db from the appliance where the problem occurs, includes the LDAP settings
Tom, It looks like there may be a typo in the configuration of the basedn. They have: basedn: OU=MOBILE,DC=mobile,DC=va,CD=gov We think that the last part "CD=gov" is incorrect and should be "DC=gov" Can we have the customer make that change and try to logon again? Gregg, I have just completed a phone call with the customer who reports that having made the change the login is now progressing further than before but he is encountering different problems which he attributes to a problem in the syntax of the login sequence. He will test different login sequences and update the case, but at the moment, the change above has allowed him to progress beyone where he was previously stuck. I will update you as I learn more. Tom Hennessy Gregg, Update from customer: ___________________________ Most recent comment: On 2016-08-30 10:58:23, Miller, Scott commented: "Hi Tom, Thank you for the conversation. I was just able to login using my AD username and credentials so it looks like we are good. Really appreciate the help and the multiple sets of eyes to catch my fat fingering. _________________________________ I think we can close this based on the above. Thanks to you and your team for help on this. Tom Hennessy |
Created attachment 1195547 [details] Current logs as provided by the customer Description of problem: Admin uses is attempting to load groups associated with new user and user is not being found in LDAP environment Version-Release number of selected component (if applicable):5.5.3.4 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: from user description ===== When doing a Look Up LDAP Groups while adding a new group in Access Control, the bind works but the user is not found preventing us from pulling in the group. Guessing it has something to do with the Authentication config under Settings. =====