LDAP logs
-
Hi all,
I was wondering where logs might be for LDAP requests. Trying to troubleshoot an app that is just not wanting to authenticate with LDAP.
thanks -
They are in the main box logs, however with the current release we only log requests, which hit a valid namespace. The next release will also log faulty ones for exactly the case to debug app integration.
-
@nebulon thanks.
LDAP for my teddy application is failing any ideas at to why these results might not work?
-
@ultraviolet these do look correct, only thing I could spot is the uppercase
USERNAMEhowever I think LDAP filters are not case sensitive anyways.Can you see any log message at all, like the admin bind or any search?
-
@nebulon took a bit of digging but yes there is something:
The filter &(objectclass=user)(|(adminldap=%uid)(adminldap=%uid))) is invalid.
Which is weird. LDAP search strings are not my strong point
@ultraviolet fixed it missed a ( at the start of the string:
-
@ultraviolet fixed it missed a ( at the start of the string:
-
@ultraviolet good catch! so it works now?
@nebulon it does.
I am trying to automate the install of the LDAP details. Teedy has a database that holds the ldap details. I am struggling to get this INSERT statement into start.sh:
INSERT into t_config (cfg_id_c, cfg_value_c) VALUES('LDAP_ENABLED', true), ('LDAP_HOST', $CLOUDRON_LDAP_SERVER), ('LDAP_PORT', $CLOUDRON_LDAP_PORT), ('LDAP_ADMIN_DN', $CLOUDRON_LDAP_BIND_DN), ('LDAP_ADMIN_PASSWORD', $CLOUDRON_LDAP_BIND_PASSWORD), ('LDAP_BASE_DN', $CLOUDRON_LDAP_BIND_PASSWORD), ('LDAP_BASE_DN', $CLOUDRON_LDAP_USERS_BASE_DN), ('LDAP_DEAFULT_EMAIL', 'mail@mail.com'), ('LDAP_FILTER', '(objectclass=user)(|(USERNAME=%uid)(USERNAME=%uid)))'), ('LDAP_DEFAULT_STORAGE', 1024000000);Any chance you could help with your expertise?
-
@nebulon it does.
I am trying to automate the install of the LDAP details. Teedy has a database that holds the ldap details. I am struggling to get this INSERT statement into start.sh:
INSERT into t_config (cfg_id_c, cfg_value_c) VALUES('LDAP_ENABLED', true), ('LDAP_HOST', $CLOUDRON_LDAP_SERVER), ('LDAP_PORT', $CLOUDRON_LDAP_PORT), ('LDAP_ADMIN_DN', $CLOUDRON_LDAP_BIND_DN), ('LDAP_ADMIN_PASSWORD', $CLOUDRON_LDAP_BIND_PASSWORD), ('LDAP_BASE_DN', $CLOUDRON_LDAP_BIND_PASSWORD), ('LDAP_BASE_DN', $CLOUDRON_LDAP_USERS_BASE_DN), ('LDAP_DEAFULT_EMAIL', 'mail@mail.com'), ('LDAP_FILTER', '(objectclass=user)(|(USERNAME=%uid)(USERNAME=%uid)))'), ('LDAP_DEFAULT_STORAGE', 1024000000);Any chance you could help with your expertise?
@ultraviolet You probably want to do an upsert here instead, since you should update the values on every app restart, in case the value have changed on the platform side. For a mysql example you can for example look at https://git.cloudron.io/cloudron/freescout-app/-/blob/master/start.sh#L87
-
@ultraviolet You probably want to do an upsert here instead, since you should update the values on every app restart, in case the value have changed on the platform side. For a mysql example you can for example look at https://git.cloudron.io/cloudron/freescout-app/-/blob/master/start.sh#L87
