Hi
I've set up Xen Orchestra community edition for my lab, to test XCP-NG and XO.
Installation from source is OK; I managed to set up storage, backup, and a running VM.
But I would like to set up LDAP authentication, and only allow a specific group in my AD to connect to Xen Orchestra.
Our LDAP is strictly internal, no certificate.
It is set up like this:
URI : ldap://my-dc-01.corp.net:389
"Check certificate" and "use TLS" are not checked.
base : dn=corp,dn=net
Credential : service_account@corp.net with its password
User filter
This is where I may be missing something.
I put : (&(sAMAccountName={{name}})(memberOf="VMAdmin"))
Id Attribute : sAMAccountName
When I test data with my user in the VMAdmin group, I get this error:
Code: -32000
Message: 000020D6: SvcErr: DSID-03100836, problem 5012 (DIR_ERROR), data 0 Code: 0x1
{
"code": 1,
"message": "000020D6: SvcErr: DSID-03100836, problem 5012 (DIR_ERROR), data 0\n\u0000 Code: 0x1",
"name": "Error",
"stack": "Error: 000020D6: SvcErr: DSID-03100836, problem 5012 (DIR_ERROR), data 0\n\u0000 Code: 0x1\n at Function.parse (/opt/xen-orchestra/node_modules/ldapts/StatusCodeParser.ts:55:16)\n at Client._sendSearch (/opt/xen-orchestra/node_modules/ldapts/Client.ts:648:30)\n at Client.search (/opt/xen-orchestra/node_modules/ldapts/Client.ts:610:5)\n at AuthLdap._authenticate (/opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:277:42)\n at default.testPlugin (file:///opt/xen-orchestra/packages/xo-server/src/xo-mixins/plugins.mjs:285:5)\n at Xo.test (file:///opt/xen-orchestra/packages/xo-server/src/api/plugin.mjs:109:3)\n at Task.runInside (/opt/xen-orchestra/@vates/task/index.js:172:22)\n at Task.run (/opt/xen-orchestra/@vates/task/index.js:156:20)\n at Api.#callApiMethod (file:///opt/xen-orchestra/packages/xo-server/src/xo-mixins/api.mjs:469:18)"
}