Page 1 of 3
Unable to import LDAP users
Posted: Fri Jul 17, 2015 10:46 am
by mike4vr
We're able to make a connection with our LDAP server, but importing fails. No matter how we configure the DN, we still get 0 users found. Is there anything we can do on our end to figure out why this is happening?
NLS version: 2015r2.0b
LDAP: IPA Server 3.0.0-26
We've also tried connecting to our Active Directory server with similar results.
Screenshot attached.
Re: Unable to import LDAP users
Posted: Fri Jul 17, 2015 11:07 am
by ssax
Can you post the sanitized configuration so that I see it, I'll try to replicate it on my end.
Re: Unable to import LDAP users
Posted: Fri Jul 17, 2015 11:13 am
by mike4vr
Here it is. If there are some config files you want to see, please let me know which ones and I'll be happy to post them as well.
Re: Unable to import LDAP users
Posted: Fri Jul 17, 2015 12:50 pm
by ssax
Ok, it's a bug, I'll report it to the developers, I found a fix for you:
Edit this file:
Code: Select all
/var/www/html/nagioslogserver/application/helpers/ldap_ad_helper.php
Change this line (about line 240):
Code: Select all
<img class="table-icon" src="<?php echo media_url('icons/'.$image); ?>" border="0" alt="<?php echo _("Add user"); ?>" title="<?php echo _("Add user"); ?>" style="">
To:
Code: Select all
<img class="table-icon" src="<?php echo base_url('media/icons/'.$image); ?>" border="0" alt="<?php echo _("Add user"); ?>" title="<?php echo _("Add user"); ?>" style="">
Now it should allow it to work for you.
Edit:
Code: Select all
NEW TASK ID 6041 created - Nagios Log Server Bug Report: LDAP auth doesn't show users to import because image is broken
----
I found another bug though, if you select Admin access level it doesn't set it properly, you will need to edit the users and adjust it, I'm looking for a solution to that as well. Stay tuned!
Re: Unable to import LDAP users
Posted: Fri Jul 17, 2015 1:14 pm
by ssax
The second bug fix is to edit this file:
Code: Select all
/var/www/html/nagioslogserver/application/views/admin/import_users_final.php
Chang this code (around line 123) from:
Code: Select all
<option value="2"><?php echo _('User'); ?></option>
<option value="1"><?php echo _('Admin'); ?></option>
To:
Code: Select all
<option value="user"><?php echo _('User'); ?></option>
<option value="admin"><?php echo _('Admin'); ?></option>
Edit:
Code: Select all
NEW TASK ID 6042 created - Nagios Log Server Bug Report: LDAP import - Selecting admin as level doesn't set the user as admin
Re: Unable to import LDAP users
Posted: Fri Jul 17, 2015 2:55 pm
by mike4vr
I've edited both files and even went as far as rebooting both servers in the cluster. Still having the same issue. No users show up as shown in the screenshot in my original post.
Re: Unable to import LDAP users
Posted: Mon Jul 20, 2015 9:48 am
by ssax
Here is how it works on my test box, it shows me the Users container:
ad_ldap_ls_1.png
Then I have to click on the Users container for it to show the users:
ad_ldap_ls_2.png
My LDAP settings are:
ad_ldap_ls_3.png
Just for the sake of testing, try using "admin" instead of "uid=admin,cn=users,blah" and see if that changes anything.
Also, please run this command:
Code: Select all
tail -f /var/log/httpd/error_log /var/log/httpd/ssl_error_log
Then try it again and see if any errors are produced in the tail output, if there are, please post them.
Re: Unable to import LDAP users
Posted: Mon Jul 20, 2015 9:57 am
by mike4vr
If I use "admin" alone without cn= I get "Invalid Credentials." Logs do not produce anything.
Additionally, I've noticed that when I try to delete the LDAP server by clicking the X in the "LDAP / Active Directory Integration" page, it takes me back to the Dashboard and never deletes the config. Something is definitely wrong.
Re: Unable to import LDAP users
Posted: Mon Jul 20, 2015 10:26 am
by ssax
Looks like not being able to delete the auth server is a bug, I experienced the same issue, I've reported it to the developers:
Code: Select all
NEW TASK ID 6048 created - Nagios Log Server Bug Report: Unable to delete AD/LDAP auth server
Is this a Linux OpenLDAP server?
Re: Unable to import LDAP users
Posted: Mon Jul 20, 2015 12:46 pm
by mike4vr
This is a Linux server running CentOS 6.4 kernel version 2.6.32-358.2.1.el6.x86_64. We are using ipa-server-3.0.0-26.el6_4.2.x86_64 (not openldap.) I'm beginning to think there might be an incompatibility with IPA/FreeIPA. Have you guys tested against it?