[OOD-users] LDAP authentication failure

E.M. Dragowsky dragowsky at case.edu
Wed Aug 1 13:03:07 EDT 2018


Hi, all --

How can I effectively test so as to correct the ldap configuration?
I'm accustomed to using ldapsearch within the cluster, and am learning some
things about ldap through the local configuration in the cpu.conf and the
sssd.conf.


I have followed the prescription to configure, as below:
auth:
  - 'AuthType Basic'
  - 'AuthName "Case SSO"'
  - 'AuthBasicProvider ldap'
  - 'AuthLDAPURL "ldap://<internal-ip>:389/ou=People,dc=cwru,dc=cloh,dc=osc,dc=edu?uid"'
  - 'AuthLDAPGroupAttribute memberUid'
  - 'AuthLDAPGroupAttributeIsDN off'
  - 'RequestHeader unset Authorization'
  - 'Require valid-user'

When prompted to authenticate, I enter my ldap credentials, which are
rejected, and the login prompt window appears again. I'm not finding local
logging of how the authentication is failing. The 'dc' values are taken
from my standard usage of ldapsearch, to look up info about our cluster user
accounts.

Is the structure of the ldap call to the server adequate? How do I know
what value needs to be returned, and whether the necessary value is
satisfied? For example, my ldapsearch will not return a field 'memberUid',
so is the 'AuthLDAPGroupAttribute memberUid' inappropriate in this case?

Thanks!



-- 
E.M. Dragowsky, Ph.D.
Research Computing -- UTech
Case Western Reserve University
(216) 368-0082
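
Added example, not part of the original message: one way to check an AuthLDAPURL from the command line is to reproduce with ldapsearch the two steps mod_authnz_ldap performs, a search for the user's DN followed by a bind as that DN. The host, base DN and user below are constructed, the function names are hypothetical, and the search is assumed to be anonymous because the posted config sets no AuthLDAPBindDN.

```shell
#!/bin/sh
# Added example (not from the original post): derive the two LDAP operations
# that mod_authnz_ldap performs from an AuthLDAPURL, as ldapsearch commands.
# Assumes no AuthLDAPBindDN is set, so the search step is an anonymous bind.

# Split ldap://host:port/basedn?attribute?scope?filter into shell variables,
# applying the module's defaults for omitted fields.
parse_authldapurl() {
    rest=${1#*://}
    LDAP_URI="${1%%://*}://${rest%%/*}"
    case $rest in */*) path=${rest#*/} ;; *) path= ;; esac
    IFS='?' read -r LDAP_BASE LDAP_ATTR LDAP_SCOPE LDAP_FILTER <<EOF
$path
EOF
    LDAP_ATTR=${LDAP_ATTR:-uid}
    LDAP_SCOPE=${LDAP_SCOPE:-sub}
    LDAP_FILTER=${LDAP_FILTER:-objectClass=*}
    # The module stores the filter without its outer parentheses.
    case $LDAP_FILTER in
        "("*")") LDAP_FILTER=${LDAP_FILTER#"("}; LDAP_FILTER=${LDAP_FILTER%")"} ;;
    esac
}

# Step 1: find the user's DN. Exactly one entry must come back.
search_cmd() {
    # Refuse filter metacharacters rather than escaping them in this sketch.
    case $2 in ""|*'*'*|*'('*|*')'*|*'\'*) return 1 ;; esac
    parse_authldapurl "$1"
    printf "ldapsearch -x -H %s -b '%s' -s %s '(&(%s)(%s=%s))' 1.1\n" \
        "$LDAP_URI" "$LDAP_BASE" "$LDAP_SCOPE" "$LDAP_FILTER" "$LDAP_ATTR" "$2"
}

# Step 2: bind as that DN with the user's password (-W prompts for it).
bind_cmd() {
    parse_authldapurl "$1"
    printf "ldapsearch -x -H %s -D '%s' -W -b '%s' -s base 1.1\n" \
        "$LDAP_URI" "$2" "$2"
}

# Constructed sample values; substitute the AuthLDAPURL from the portal config.
SAMPLE_URL='ldap://ldap.example.org:389/ou=People,dc=example,dc=org?uid'
search_cmd "$SAMPLE_URL" jdoe
bind_cmd "$SAMPLE_URL" 'uid=jdoe,ou=People,dc=example,dc=org'
```

If the first command returns no entry or more than one, or the second fails to bind, the Basic auth prompt will reappear in the same way for that user.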