[one-users] Opennebula - Active Directory authentication intergration

Jonathan Chen simon8233 at gmail.com
Mon Sep 2 07:07:09 PDT 2013


maybe you can show your configuration file.

like ldap_conf , oned.conf ... etc

hidden your ip , account and passwd.

will be help them to solve your problem.

Jonathan


2013/9/2 Shek Mohd Fahmi Abdul Latip <fahmi.latip at mimos.my>

>  Hi experts,
>
> I’m using the latest Opennebula 4.2 on CentOS 6.4. Right now in the middle
> of integrating the authentication system with MS-AD through LDAP protocol.
>
> Based on the documentation:
>
>  To be able to use this driver for users that are still not in the user
> database you must set it to the default driver. To do this go to the auth
> drivers directory and copy the directory ldap to default. In system-wide
> installations you can do this using this command:
>  $ cp -R /var/lib/one/remotes/auth/ldap /var/lib/one/remotes/auth/default
>
>
> What I can understand, if the user account is not exist on the opennebula
> database, it will still be able to retrieve and authenticate via LDAP/AD. I
> did this configuration and somehow I got the error as mention below.
>
>
>
> I’ve followed the documentation provided on *
> http://opennebula.org/documentation:rel4.2:ldap#active_directory*<http://opennebula.org/documentation:rel4.2:ldap#active_directory>somehow, it works partially with error that I can’t really understand.
>
> Here is the error message that can be found in the oned.log:
>
> Mon Sep  2 11:24:05 2013 [AuM][D]: Message received: AUTHENTICATE SUCCESS
> 16 ldap fahmi.latipCN=******,OU=******,OU=*****,OU=Users,OU=*****,DC=******,DC=*******
>
> Mon Sep  2 11:24:05 2013 [AuM][E]: Can't create user: Error transforming
> the User to XML.. Driver response: ldap fahmi.latip
> CN=******,OU=******,OU=*****,OU=Users,OU=*****,DC=******,DC=*******
> Mon Sep  2 11:24:05 2013 [ReM][D]: Req:9744 UID:- UserInfo invoked, -1
> Mon Sep  2 11:24:05 2013 [ReM][E]: Req:9744 UID:- UserInfo result FAILURE
> [UserInfo] User couldn't be authenticated, aborting call.
>
> Anyone facing the similar issue before? Any clue what action need to be
> taken to solve this problem? Or is this method some kind of impossible?
>
> Best regards,
> .fahmie
>
>
>
>
> ------------------------------------------------------------------
> -
> -
> DISCLAIMER:
>
> This e-mail (including any attachments) is for the addressee(s)
> only and may contain confidential information. If you are not the
> intended recipient, please note that any dealing, review,
> distribution, printing, copying or use of this e-mail is strictly
> prohibited. If you have received this email in error, please notify
> the sender immediately and delete the original message.
> MIMOS Berhad is a research and development institution under
> the purview of the Malaysian Ministry of Science, Technology and
> Innovation. Opinions, conclusions and other information in this e-
> mail that do not relate to the official business of MIMOS Berhad
> and/or its subsidiaries shall be understood as neither given nor
> endorsed by MIMOS Berhad and/or its subsidiaries and neither
> MIMOS Berhad nor its subsidiaries accepts responsibility for the
> same. All liability arising from or in connection with computer
> viruses and/or corrupted e-mails is excluded to the fullest extent
> permitted by law.
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130902/44bca0d6/attachment-0002.htm>


More information about the Users mailing list