Bug 1371314 - Customer reports unable to find user in LDAP after trying several different forms of LDAP specifications
Summary: Customer reports unable to find user in LDAP after trying several different f...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Security
Version: 5.5.0
Hardware: All
OS: Linux
unspecified
urgent
Target Milestone: GA
: 5.7.0
Assignee: Chris Pelland
QA Contact: Dave Johnson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-29 22:03 UTC by Thomas Hennessy
Modified: 2019-11-14 09:00 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-30 18:53:22 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:

Attachments (Terms of Use)
Current logs as provided by the customer (1.88 MB, application/zip)
2016-08-29 22:03 UTC, Thomas Hennessy 		no flags Details
merged production.log and evm.log from the UI worker that experienced all of the LDAP issues (293.67 KB, text/plain)
2016-08-29 22:05 UTC, Thomas Hennessy 		no flags Details
vmdb.yml.db from the appliance where the problem occurs, includes the LDAP settings (16.76 KB, text/plain)
2016-08-29 22:06 UTC, Thomas Hennessy 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Thomas Hennessy 2016-08-29 22:03:21 UTC 
Created attachment 1195547 [details]
Current logs as provided by the customer

Description of problem: Admin uses is attempting to load groups associated with new user and user is not being found in LDAP environment


Version-Release number of selected component (if applicable):5.5.3.4


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

from user description
=====
When doing a Look Up LDAP Groups while adding a new group in Access Control, the bind works but the user is not found preventing us from pulling in the group.  Guessing it has something to do with the Authentication config under Settings.
=====
Comment 2 Thomas Hennessy 2016-08-29 22:05:23 UTC 
Created attachment 1195548 [details]
merged production.log and evm.log from the UI worker that experienced all of the LDAP issues
Comment 3 Thomas Hennessy 2016-08-29 22:06:25 UTC 
Created attachment 1195549 [details]
vmdb.yml.db from the appliance where the problem occurs, includes the LDAP settings
Comment 6 Gregg Tanzillo 2016-08-30 14:20:35 UTC 
Tom,

It looks like there may be a typo in the configuration of the basedn. They have:

  basedn: OU=MOBILE,DC=mobile,DC=va,CD=gov

We think that the last part "CD=gov" is incorrect and should be "DC=gov"

Can we have the customer make that change and try to logon again?
Comment 7 Thomas Hennessy 2016-08-30 14:43:47 UTC 
Gregg,
I have just completed a phone call with the customer who reports that having made the change the login is now progressing further than before but he is encountering different problems which he attributes to a problem in the syntax of the login sequence.

He will test different login sequences and update the case, but at the moment, the change above has allowed him to progress beyone where he was previously stuck.

I will update you as I learn more.

Tom Hennessy
Comment 8 Thomas Hennessy 2016-08-30 15:09:43 UTC 
Gregg,
Update from customer:
___________________________
Most recent comment: On 2016-08-30 10:58:23, Miller, Scott commented:
"Hi Tom,

Thank you for the conversation.  I was just able to login using my AD username and credentials so it looks like we are good.  Really appreciate the help and the multiple sets of eyes to catch my fat fingering.
_________________________________

I think we can close this based on the above.

Thanks to  you and your team for help on this.

Tom Hennessy
Note You need to log in before you can comment on or make changes to this bug.