[one-users] LDAP SSL configuration bug

Nicolas AGIUS nicolas.agius at lps-it.fr
Thu Apr 12 00:39:12 PDT 2012


Indeed.

Patch provided here : http://dev.opennebula.org/issues/1171

:-)

--- En date de : Jeu 12.4.12, Simon Boulet <simon at nostalgeek.com> a écrit :

De: Simon Boulet <simon at nostalgeek.com>
Objet: Re: [one-users] LDAP SSL configuration bug
À: "Graeme Gillies" <graeme.r.gillies at gmail.com>
Cc: users at lists.opennebula.org
Date: Jeudi 12 avril 2012, 5h52

Hi Graeme,

I think this issue was already reported and fixed in the latest 3.4.

http://dev.opennebula.org/issues/967

Regards,

Simon

On Wed, Apr 11, 2012 at 8:40 PM, Graeme Gillies
<graeme.r.gillies at gmail.com> wrote:
> Hi,
>
> I've been wrestling with getting LDAP authentication work with
> opennebula for a while now, the main difficulty being our ldap server
> only supports TLS/SSL.
>
> I've been setting the line in /etc/one/ldap/ldap_auth.conf
>
> :auth_method: :simple_tls
>
> like the instructions at
>
> http://www.opennebula.org/documentation:rel3.4:ldap
>
> suggest to do, but it still didn't seem to be communicating via
> TLS/SSL correctly.
>
> After much code diving I see that inside if Net-LDAP it's not the
> authentication variable that needs that needs to be set, but rather
> the encryption option needs to get set to :simple_tls for TLS/SSL to
> work.
>
> I managed to get it working by changing my /etc/one/ldap/ldap_auth.conf to
>
> :auth_method: :simple
> :encryption: :simple_tls
>
> And then modifying /usr/lib/one/ruby/ldap_auth.rb adding in the line
>
> ops[:encryption]=@options[:encryption] if @options[:encryption]
>
> in the initialize method just before the creation of the Net::LDAP object.
>
> Is it possible to get the code fixed and the documentation updated
> (assuming the above is all correct?)
>
> Regards,
>
> Graeme
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
_______________________________________________
Users mailing list
Users at lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120412/a501f629/attachment-0002.htm>


More information about the Users mailing list