Bug #2644
Support for group parameter with Active Directory Authentication
| Status: | Closed | Start date: | 01/15/2014 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Javi Fontan | % Done: | 0% | |
| Category: | Drivers - Auth | |||
| Target version: | Release 4.6 | |||
| Resolution: | worksforme | Pull request: | ||
| Affected Versions: | OpenNebula 4.4 |
Description
This patch makes the group option in ldap_auth.conf working with Active Directory servers.
History
#1
Updated by Ruben S. Montero over 7 years ago
- Tracker changed from Feature to Bug
- Status changed from Pending to New
- Assignee set to Javi Fontan
- Target version set to Release 4.6
- Affected Versions OpenNebula 4.4 added
This seems to be more a bug than a feature... Moving it to the bug track
#2
Updated by Javi Fontan over 7 years ago
The proposed change will make the ldap configuration parameter user_group_field unusable. The driver was tested with Active directory ad groups seem to work. The values used in the tested configuration:
server 1:
:user: 'some_user@OPENNEBULA.ORG'
:password: 'the_password'
:auth_method: :simple
:host: localhost
:port: 389
:base: 'dc=opennebula,dc=org'
# Make sure you use the full DN of the group
:group: 'CN=Administrators,CN=Builtin,DC=opennebula,DC=org'
:user_field: 'sAMAccountName'
:group_field: 'member'
:order:
- server 1
The driver does not recursively search for the groups a user belongs to so they should be directly in that group, not in a group that belongs to that group.
#3
Updated by Ruben S. Montero over 7 years ago
- Status changed from New to Closed
- Resolution set to worksforme