Unable to import LDAP users

[mike4vr]

We're able to make a connection with our LDAP server, but importing fails. No matter how we configure the DN, we still get 0 users found. Is there anything we can do on our end to figure out why this is happening?

NLS version: 2015r2.0b
LDAP: IPA Server 3.0.0-26

We've also tried connecting to our Active Directory server with similar results.

Screenshot attached.

[ssax]

Can you post the sanitized configuration so that I see it, I'll try to replicate it on my end.

[mike4vr]

Here it is. If there are some config files you want to see, please let me know which ones and I'll be happy to post them as well.

[ssax]

Ok, it's a bug, I'll report it to the developers, I found a fix for you:

Edit this file:

Code: Select all

/var/www/html/nagioslogserver/application/helpers/ldap_ad_helper.php

Change this line (about line 240):

Code: Select all

<img class="table-icon" src="<?php echo media_url('icons/'.$image); ?>" border="0" alt="<?php echo _("Add user"); ?>" title="<?php echo _("Add user"); ?>" style="">

To:

Code: Select all

<img class="table-icon" src="<?php echo base_url('media/icons/'.$image); ?>" border="0" alt="<?php echo _("Add user"); ?>" title="<?php echo _("Add user"); ?>" style="">

Now it should allow it to work for you.

Edit:

Code: Select all

NEW TASK ID 6041 created - Nagios Log Server Bug Report: LDAP auth doesn't show users to import because image is broken

----

I found another bug though, if you select Admin access level it doesn't set it properly, you will need to edit the users and adjust it, I'm looking for a solution to that as well. Stay tuned!

[ssax]

The second bug fix is to edit this file:

Code: Select all

/var/www/html/nagioslogserver/application/views/admin/import_users_final.php

Chang this code (around line 123) from:

Code: Select all

<option value="2"><?php echo _('User'); ?></option>
<option value="1"><?php echo _('Admin'); ?></option>

To:

Code: Select all

<option value="user"><?php echo _('User'); ?></option>
<option value="admin"><?php echo _('Admin'); ?></option>

Edit:

Code: Select all

NEW TASK ID 6042 created - Nagios Log Server Bug Report: LDAP import - Selecting admin as level doesn't set the user as admin

[mike4vr]

I've edited both files and even went as far as rebooting both servers in the cluster. Still having the same issue. No users show up as shown in the screenshot in my original post.

[ssax]

Here is how it works on my test box, it shows me the Users container:

ad_ldap_ls_1.png

Then I have to click on the Users container for it to show the users:

ad_ldap_ls_2.png

My LDAP settings are:

ad_ldap_ls_3.png

Just for the sake of testing, try using "admin" instead of "uid=admin,cn=users,blah" and see if that changes anything.

Also, please run this command:

Code: Select all

tail -f /var/log/httpd/error_log /var/log/httpd/ssl_error_log

Then try it again and see if any errors are produced in the tail output, if there are, please post them.

[mike4vr]

If I use "admin" alone without cn= I get "Invalid Credentials." Logs do not produce anything.

Additionally, I've noticed that when I try to delete the LDAP server by clicking the X in the "LDAP / Active Directory Integration" page, it takes me back to the Dashboard and never deletes the config. Something is definitely wrong.

[ssax]

Looks like not being able to delete the auth server is a bug, I experienced the same issue, I've reported it to the developers:

Code: Select all

NEW TASK ID 6048 created - Nagios Log Server Bug Report: Unable to delete AD/LDAP auth server

Is this a Linux OpenLDAP server?

[mike4vr]

This is a Linux server running CentOS 6.4 kernel version 2.6.32-358.2.1.el6.x86_64. We are using ipa-server-3.0.0-26.el6_4.2.x86_64 (not openldap.) I'm beginning to think there might be an incompatibility with IPA/FreeIPA. Have you guys tested against it?