Bug #2644
Support for group parameter with Active Directory Authentication
Status: | Closed | Start date: | 01/15/2014 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Javi Fontan | % Done: | 0% | |
Category: | Drivers - Auth | |||
Target version: | Release 4.6 | |||
Resolution: | worksforme | Pull request: | ||
Affected Versions: | OpenNebula 4.4 |
Description
This patch makes the group option in ldap_auth.conf working with Active Directory servers.
History
#1 Updated by Ruben S. Montero over 7 years ago
- Tracker changed from Feature to Bug
- Status changed from Pending to New
- Assignee set to Javi Fontan
- Target version set to Release 4.6
- Affected Versions OpenNebula 4.4 added
This seems to be more a bug than a feature... Moving it to the bug track
#2 Updated by Javi Fontan over 7 years ago
The proposed change will make the ldap configuration parameter user_group_field
unusable. The driver was tested with Active directory ad groups seem to work. The values used in the tested configuration:
server 1: :user: 'some_user@OPENNEBULA.ORG' :password: 'the_password' :auth_method: :simple :host: localhost :port: 389 :base: 'dc=opennebula,dc=org' # Make sure you use the full DN of the group :group: 'CN=Administrators,CN=Builtin,DC=opennebula,DC=org' :user_field: 'sAMAccountName' :group_field: 'member' :order: - server 1
The driver does not recursively search for the groups a user belongs to so they should be directly in that group, not in a group that belongs to that group.
#3 Updated by Ruben S. Montero over 7 years ago
- Status changed from New to Closed
- Resolution set to worksforme