Posts made by wesleylc1 | XCP-ng and XO forum

wesleylc1

thank you.

wesleylc1

@julien-f the filter "(& (cn = gp-ti-test) (memberUID = {{name}}))" is to release access to users of a group but "bind as" is not being mounted as it should

? uri ldap://192.168.XX.XX
? fill optional certificateAuthorities? No
? fill optional checkCertificate? No
? fill optional bind? Yes
? bind > dn cn=adm,c=br
? bind > password *****
? base ou=BH,o=PRJ,c=BR
? fill optional filter? Yes
? filter (&(cn=gp-ti-teste)(memberUID={{name}}))
configuration saved in ./ldap.cache.conf
? Username user1
? Password [hidden]
attempting to bind with as cn=adm,c=br...
successfully bound as cn=adm,c=br
searching for entries...
.
1 entries found
attempting to bind as cn=gp-ti-teste,ou=Grupos,ou=BH,o=PRJ,c=BR
failed to bind as cn=gp-ti-teste,ou=Grupos,ou=BH,o=PRJ,c=BR: Invalid Credentials
could not authenticate user1

Best regards,
Wesley Santos

wesleylc1

The default filter is (uid = {{name}})?

wesleylc1

@julien-f How can I download the new version of the plugin, according to the output below, I can not automatically query the filters through the script "/test-cli.js".

? uri ldap://192.168.xx.xx
? fill optional certificateAuthorities? No
? fill optional checkCertificate? No
? fill optional bind? Yes
? bind > dn cn=admin,c=br
? bind > password  XXXX
? base ou=XX,o=PRJ,c=BR
? fill optional filter? Yes
? filter (&(cn=gp-ti-infra)(memberUID={{name}}))
configuration saved in ./ldap.cache.conf
? Username user01
? Password [hidden]
attempting to bind with as cn=admin,c=br...
successfully bound as cn=admin,c=br
searching for entries...
.
1 entries found
attempting to bind as cn=gp-ti-test,ou=Grupos,ou=XX,o=PRJ,c=BR
failed to bind as cn=gp-ti-test,ou=Grupos,ou=XX,o=PRJ,c=BR: Invalid Credentials
could not authenticate user1

wesleylc1

@julien-f Can you list what types of filters are supported by the plugin?

wesleylc1

@julien-f @DustinB

I performed the installation through the link below.

https://github.com/Jarli01/xenorchestra_installer

the version of the updated plugin is already available in the Jarli repositories?

Best regards,
Wesley Santos

wesleylc1

@julien-f With this test option would be perfect to find out which filter should I use, how do I update to this version of the plugin?

? uri 192.168.XX.XX
? fill optional certificateAuthorities? No
? fill optional checkCertificate? No
? fill optional bind? No
? base ou=BH,o=PRJ,c=BR
? fill optional filter? No
configuration saved in ./ldap.cache.conf
? Username cn=adm,c=br
? Password [hidden]
✖ 192.168.xx.xx is an invalid LDAP url (protocol)
TypeError: 192.168.XX.XX is an invalid LDAP url (protocol)
    at Object.parse (/opt/xen-orchestra/node_modules/ldapjs/lib/url.js:16:13)
    at new Client (/opt/xen-orchestra/node_modules/ldapjs/lib/client/client.js:310:16)
    at createClient (/opt/xen-orchestra/node_modules/ldapjs/lib/client/index.js:54:12)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:204:47
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (/opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:24:103)
    at _next (/opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:194)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:364
    at new Promise (<anonymous>)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:97

Best regards,
Wesley Santos

wesleylc1

Dear @julien-f ,

I was able to perform the integration with "OpenLDAP", but I can not apply the filter using "" memberOf "", I could identify, the filter does not occur because my "LDAP" uses old parameters, filters using the "memberUid" attribute. You have some examples of how I can apply to filter group users with the "memberUid" attribute.

Best regards,
Wesley Santos

wesleylc1

Dear, is it possible to search with the "group and users" option?
Best regards,
Wesley Santos

wesleylc1

@olivierlambert
I think the error is related to the attributes of "OpenLDAP", but I'm not sure how to filter.

wesleylc1

I made the changes, but I continue with errors.

Captura de tela de 2019-06-24 15-26-48.png

Group settings in "OpenLDAP".

Captura de tela de 2019-06-24 15-21-35.png

plugin.test
{
  "id": "auth-ldap",
  "data": {
    "username": "ws02",
    "password": "* obfuscated *"
  }
}
{
  "message": "could not authenticate user",
  "name": "Error",
  "stack": "Error: could not authenticate user
    at _authenticate.then.result (/opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:172:14)
    at tryCatcher (/opt/xen-orchestra/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:517:31)
    at Promise._settlePromise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:574:18)
    at Promise._settlePromise0 (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:619:10)
    at Promise._settlePromises (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:699:18)
    at _drainQueueStep (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:138:12)
    at _drainQueue (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:131:9)
    at Async._drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:147:5)
    at Immediate.Async.drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:17:14)
    at runCallback (timers.js:810:20)
    at tryOnImmediate (timers.js:768:5)
    at processImmediate [as _immediateCallback] (timers.js:745:5)"
}

Best regards,
Wesley Santos

wesleylc1

Changes made, as below.

Captura de tela de 2019-06-24 15-12-07.png

Best regards,
Wesley Santos

wesleylc1

Hello, I was able to login with my ldap login, but I would like to specify a ldap user group.

Best regards,
Wesley Santos

wesleylc1

@borzel, thank you.

wesleylc1

@borzel, I made the adjustment, now a new error appears.

plugin.test
{
  "id": "auth-ldap",
  "data": {
    "username": "marcos",
    "password": "* obfuscated *"
  }
}
{
  "message": "could not authenticate user",
  "name": "Error",
  "stack": "Error: could not authenticate user
    at _authenticate.then.result (/opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:172:14)
    at tryCatcher (/opt/xen-orchestra/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:517:31)
    at Promise._settlePromise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:574:18)
    at Promise._settlePromise0 (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:619:10)
    at Promise._settlePromises (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:699:18)
    at _drainQueueStep (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:138:12)
    at _drainQueue (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:131:9)
    at Async._drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:147:5)
    at Immediate.Async.drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:17:14)
    at runCallback (timers.js:810:20)
    at tryOnImmediate (timers.js:768:5)
    at processImmediate [as _immediateCallback] (timers.js:745:5)"
}

Best regards,
Wesley Santos

wesleylc1

Hi @DustinB an image with the settings used by my openldap server.

Captura de tela de 2019-06-24 09-56-39.png

Captura de tela de 2019-06-24 10-05-23.png

plugin.test
{
  "id": "auth-ldap",
  "data": {
    "username": "ws02",
    "password": "* obfuscated *"
  }
}
{
  "message": "192.168.45.11 is an invalid LDAP url (protocol)",
  "name": "TypeError",
  "stack": "TypeError: 192.168.45.11 is an invalid LDAP url (protocol)
    at Object.parse (/opt/xen-orchestra/node_modules/ldapjs/lib/url.js:16:13)
    at new Client (/opt/xen-orchestra/node_modules/ldapjs/lib/client/client.js:310:16)
    at createClient (/opt/xen-orchestra/node_modules/ldapjs/lib/client/index.js:54:12)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:184:32
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (/opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:24:103)
    at _next (/opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:194)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:364
    at Promise._execute (/opt/xen-orchestra/node_modules/bluebird/js/release/debuggability.js:313:9)
    at Promise._resolveFromExecutor (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:488:18)
    at new Promise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:79:10)
    at /opt/xen-orchestra/packages/xo-server-auth-ldap/dist/index.js:26:97
    at AuthLdap._authenticate (/opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:177:61)
    at AuthLdap.wrapper [as _authenticate] (/opt/xen-orchestra/node_modules/lodash/_createBind.js:23:15)
    at AuthLdap.test (/opt/xen-orchestra/packages/xo-server-auth-ldap/src/index.js:167:16)
    at /opt/xen-orchestra/packages/xo-server/src/xo-mixins/plugins.js:254:26
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (/opt/xen-orchestra/packages/xo-server/dist/xo-mixins/plugins.js:28:103)
    at _next (/opt/xen-orchestra/packages/xo-server/dist/xo-mixins/plugins.js:30:194)
    at /opt/xen-orchestra/packages/xo-server/dist/xo-mixins/plugins.js:30:364
    at Promise._execute (/opt/xen-orchestra/node_modules/bluebird/js/release/debuggability.js:313:9)
    at Promise._resolveFromExecutor (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:488:18)
    at new Promise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:79:10)
    at /opt/xen-orchestra/packages/xo-server/dist/xo-mixins/plugins.js:30:97
    at _default.testPlugin (/opt/xen-orchestra/packages/xo-server/src/xo-mixins/plugins.js:228:29)
    at Xo.wrapper (/opt/xen-orchestra/node_modules/lodash/_createBind.js:23:15)
    at Xo.<anonymous> (/opt/xen-orchestra/packages/xo-server/src/api/plugin.js:109:13)
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (/opt/xen-orchestra/packages/xo-server/dist/api/plugin.js:15:103)
    at _next (/opt/xen-orchestra/packages/xo-server/dist/api/plugin.js:17:194)
    at /opt/xen-orchestra/packages/xo-server/dist/api/plugin.js:17:364
    at Promise._execute (/opt/xen-orchestra/node_modules/bluebird/js/release/debuggability.js:313:9)
    at Promise._resolveFromExecutor (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:488:18)
    at new Promise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:79:10)
    at Xo.<anonymous> (/opt/xen-orchestra/packages/xo-server/dist/api/plugin.js:17:97)
    at Xo.test (/opt/xen-orchestra/packages/xo-server/dist/api/plugin.js:162:16)
    at /opt/xen-orchestra/packages/xo-server/src/xo-mixins/api.js:281:32
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (/opt/xen-orchestra/packages/xo-server/dist/xo-mixins/api.js:38:103)
    at _next (/opt/xen-orchestra/packages/xo-server/dist/xo-mixins/api.js:40:194)
    at tryCatcher (/opt/xen-orchestra/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:517:31)
    at Promise._settlePromise (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:574:18)
    at Promise._settlePromiseCtx (/opt/xen-orchestra/node_modules/bluebird/js/release/promise.js:611:10)
    at _drainQueueStep (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:142:12)
    at _drainQueue (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:131:9)
    at Async._drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:147:5)
    at Immediate.Async.drainQueues (/opt/xen-orchestra/node_modules/bluebird/js/release/async.js:17:14)
    at runCallback (timers.js:810:20)
    at tryOnImmediate (timers.js:768:5)
    at processImmediate [as _immediateCallback] (timers.js:745:5)"
}

Best regards,
Wesley Santos

wesleylc1

Hi, has anyone been successful integrating XOCE with "OpenLDAP"?

Bestregards,
Wesley Santos