[one-users] LDAP SSL configuration bug
Graeme Gillies
graeme.r.gillies at gmail.com
Wed Apr 11 17:40:04 PDT 2012
Hi,
I've been wrestling with getting LDAP authentication work with
opennebula for a while now, the main difficulty being our ldap server
only supports TLS/SSL.
I've been setting the line in /etc/one/ldap/ldap_auth.conf
:auth_method: :simple_tls
like the instructions at
http://www.opennebula.org/documentation:rel3.4:ldap
suggest to do, but it still didn't seem to be communicating via
TLS/SSL correctly.
After much code diving I see that inside if Net-LDAP it's not the
authentication variable that needs that needs to be set, but rather
the encryption option needs to get set to :simple_tls for TLS/SSL to
work.
I managed to get it working by changing my /etc/one/ldap/ldap_auth.conf to
:auth_method: :simple
:encryption: :simple_tls
And then modifying /usr/lib/one/ruby/ldap_auth.rb adding in the line
ops[:encryption]=@options[:encryption] if @options[:encryption]
in the initialize method just before the creation of the Net::LDAP object.
Is it possible to get the code fixed and the documentation updated
(assuming the above is all correct?)
Regards,
Graeme
More information about the Users
mailing list