[one-users] Unable to login to Sunstone/OCCI via LDAP

Vassilis Vatikiotis vatikiot at iit.demokritos.gr
Wed Feb 6 05:15:08 PST 2013


Hello all,

I'm trying to enable the LDAP auth method so my users can login to
OCCI web UI and although I've followed the steps from the docs in ONE
site so far I haven't managed it.

The /etc/one/oned.conf AUTH_MAD section is:
AUTH_MAD = [
    executable = "one_auth_mad",
    authn = "ssh,x509,ldap,default,server_cipher,server_x509"
]

The /etc/one/auth/ldap_auth.conf is:
server 1:
    :user: 'cn=xxx,ou=xxxx,dc=xxx,dc=xxx,dc=xxx'
    :password: 'xxxx'
    :auth_method: :simple
    :host: 'ldap.xxx.xxx.xxx'
    :port: 389
    :base: 'ou=xxx,dc=xxx,dc=xxx,dc=xxx'
    :user_field: 'uid'

:order:
    - server 1

The above ldap settings work as I've tested them inside irb, using the
ruby class defined in /etc/lib/one/ruby/ldap_auth.rb. I can search my
LDAP database and get results.

I've also copied the ldap directory to a default one, like,
$ cp -R /var/lib/one/remotes/auth/ldap /var/lib/one/remotes/auth/default

What puzzles me is that whenever I try to login to OCCI (or sunstone)
I cannot see any auth related queries in /var/log/one/oned.log. It's
as if the ldap and default settings in authn of AUTH_MAD are completely
ignored. At the same time, no queries are performed in the LDAP
backend.

I haven't done the last step where a $HOME/.one/one_auth file
containing a user_dn:password entry cause I'm unsure of what it means.

Any ideas?

