auth-ldap (v0.6.4) - LDAP authentication plugin for XO-Server
-
@pdonias updating was exactly the fix. Apparently past me did some hacky stuff that finally came back to bite me. There was a manually installed older version of the plugin that was interfering.
All is better now, for me at least.
-
@gr85z said in auth-ldap (v0.6.4) - LDAP authentication plugin for XO-Server:
So I followed guide documentation which pull from git.
Ok, so if you install it from the sources, don't install the plugins from NPM, use the source code from the repository instead. (we just marked them as deprecated on NPM since it could be confusing). All the plugins are in the
packagesfolder. You can use Yarn'slinkfeature to easily linkxo-server-auth-ldaptoxo-server. -
@willruss1 Ok, great!
-
@pdonias Tried the yarn command
yarn link 00h00m00s 0/0: : ERROR: [Errno 2] No such file or directory: 'link'Maybe I have the source all messed up and need to start from scratch, is there a good install guide to setup server and the use the deploy page?
-
-
@pdonias
OK so I finally figured it out and got the turnkey to work.
When it was asking for server didn't realize it was asking for the XEN server. Thought it was asking for VM.
Now I have it deployed and configurations from other XOA with all my hosts, pools, and VMs etc..
I search on the new XOA for the xo-server-auth-ldap and couldn't find anything. Also there is no yarn.
I could be missing something simple to get the plugin installed. Based on the documentation it seems like it should be there and just have to turn it on. Below are the only 2 plugins I have listed.
Thanks
-
You have no LDAP plugin on XOA Free. You need to register for the trial and then you'll see an update in your XOA, and plugin will appear after that.
-
@olivierlambert does that mean when trial is up the plugin will go away? I have already used the trial.
If it is only part of the paid version we are looking at doing that starting in Q1 next year.Thanks
-
That's correct. When the trial ends, you go back to XOA Free.
I can extend the trial for 15 more days if you need.
-
@olivierlambert no need to extend trial , thank you though. I will put out the communication to team and see if they want to do before the beginning of the year.
-
I had a lot of trouble getting the LDAP integration to work with Active Directory domain controllers, and i kept finding this post over and over.
So i wanted to share my configuration and make it easier on others trying to do the same thing in the future.Using this config i was able to get everything working, but i found a few limitations:
- Xen Orchestra cannot find any group members where the member has the "Primary Group" attribute set.
- Only direct members of a group are recognized (nested groups don't work).
- When signing in, i have to specify "username" instead of "username@cxlab.domain.com"
- Groups are created by clicking "Synchronize LDAP groups", however users are not created until they sign into XOA the first time.
- Users are not deleted from Xen Orchestra when they are removed from the domain. (but they can no longer log in to XOA)
auth-ldap (v0.10.6) - LDAP authentication plugin for XO-Server
Auto-load at server start [checked]Configuration
URI: ldap://domaincontroller1.cxlab.domain.com **Certificate Authorities** Check certificate [disabled] Use StartTLS [disabled] Base: DC=cxlab,DC=domain,DC=com **Credentials** dn: cxadmin@cxlab.domain.com password: ****************** User filter: (sAMAccountName={{name}}) ID attribute: dn **Synchronize groups** [checked] Fill information (optional) Base: CN=Users,DC=cxlab,DC=domain,DC=com Filter: (ObjectClass=group) ID attribute: dn Display name attribute: cn **Members mapping** Group attribute: member User attribute: dn
-
K kagbasi-wgsdac referenced this topic on
