Comments (9)
included error message and answer-file: https://gist.github.com/rackergs/537e4fd9b5983f70a19d
from ldap_fluff.
Simple bind anonymously:
irb(main):015:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls)
=> #<Net::LDAP:0x00000001303be8 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:anonymous}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):016:0> ldap.bind
=> true
irb(main):017:0> ldap.get_operation_result
=> #<OpenStruct code=0, message="Success">
Simple bind with auth the way ldap_fluff does it
irb(main):001:0> require "net/ldap"
=> true
irb(main):002:0> server ='auth.mydomain.com'
=> "auth.mydomain.com"
irb(main):003:0> port = 636
=> 636
irb(main):008:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls)
=> #<Net::LDAP:0x000000012d3790 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:anonymous}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):009:0> uid=''
=> ""
irb(main):011:0> ldap.auth "uid=#{uid},#{@base}", password
=> {:method=>:simple, :username=>"uid=,", :password=>""}
irb(main):012:0> ldap.bind
=> false
irb(main):014:0> ldap.get_operation_result
=> #<OpenStruct code=21, message="unknown result (21)">
simple bind and auth the way the Net::LDAP doc says to:
irb(main):024:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls, :auth => { :method => :simple, :username => "cn=#{uid},ou=Users,o=mydomain", :password => password } )
=> #<Net::LDAP:0x00000001312aa8 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:simple, :username=>"cn=,ou=Users,o=mydomain", :password=>""}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):025:0> ldap.bind
=> true
irb(main):026:0> ldap.get_operation_result
=> #<OpenStruct code=0, message="Success">
from ldap_fluff.
So the 2 things I take from this are:
1: simple_tls needs to be supported (and documented) as an encryption option for non-start_tls but still ssl'd (I re-ran that last successful attempt with :start_tls instead and I get the connection reset by peer)
2: the .bind?'s auth method doesn't seem right
from ldap_fluff.
Regarding 'ou.Users' above: it is just a typo; the results with the correct data are the same.
Also, I noticed that #{@base} does not seem to be getting populated in that same example. So I just redid the example making sure the base was populated. Now the result is:
irb(main):022:0> ldap.get_operation_result => #<OpenStruct code=49, message="Invalid Credentials">
So I changed from uid= to cn= and re-ran the same thing and I get the success.
Considering all the LDAP examples I've ever seen say cn=, what's with the uid=?
from ldap_fluff.
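The sessions above show two input problems: an unset base collapsing the bind DN to "uid=,", and a simple bind sent with an empty password, which a directory may accept as an unauthenticated bind (RFC 4513, section 5.1.2) and report as success. The following is an added example, not part of the thread and not ldap_fluff or Net::LDAP code; every method and constant name in it is hypothetical, and the login and password values are constructed.

```ruby
# Added example; BindInputError, naive_dn, escape_rdn_value, simple_bind_auth
# and rejected? are hypothetical names, not ldap_fluff or Net::LDAP API.
class BindInputError < ArgumentError; end

BASE = 'ou=Users,o=mydomain' # base from the thread, typo corrected
SPECIAL = ['"', '+', ',', ';', '<', '>', '\\'].freeze

# What the second irb session effectively did: with uid '' and @base nil
# (unset in irb), interpolation yields the DN "uid=,".
def naive_dn(uid, base)
  "uid=#{uid},#{base}"
end

# Escape an attribute value for use in a DN (RFC 4514, section 2.4).
def escape_rdn_value(value)
  last = value.length - 1
  value.each_char.with_index.map do |ch, i|
    edge = (i.zero? && [' ', '#'].include?(ch)) || (i == last && ch == ' ')
    if ch == "\0" then '\\00'
    elsif SPECIAL.include?(ch) || edge then "\\#{ch}"
    else ch
    end
  end.join
end

# Build the :auth hash used with Net::LDAP (:method, :username, :password),
# refusing empty inputs before anything is sent to the server.
def simple_bind_auth(login:, password:, base:, attr: 'cn')
  raise BindInputError, 'login must not be empty' if login.to_s.strip.empty?
  raise BindInputError, 'base must not be empty' if base.to_s.strip.empty?
  # An empty password turns a simple bind into an unauthenticated bind.
  raise BindInputError, 'password must not be empty' if password.to_s.empty?
  { method: :simple,
    username: "#{attr}=#{escape_rdn_value(login)},#{base}",
    password: password }
end

# True when simple_bind_auth refuses the given inputs.
def rejected?(**args)
  simple_bind_auth(**args)
  false
rescue BindInputError
  true
end

# Constructed inputs, printed for a quick look when run directly.
puts naive_dn('', nil)
puts simple_bind_auth(login: 'Smith, Jo', password: 's3cret', base: BASE)[:username]
puts rejected?(login: 'jdoe', password: '', base: BASE)
```

The returned hash has the same shape as the `:auth` option in the third session, so the check runs before `Net::LDAP.new` or `ldap.auth` ever sees the values.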
@gregswift Can you try #26 ?
from ldap_fluff.
@elobato is installing from your branch the best way to verify this?
from ldap_fluff.
That should work
On Jul 21, 2014 4:34 PM, "rackergs" [email protected] wrote:
@elobato https://github.com/eLobato is installing from your branch the
best way to verify this?
from ldap_fluff.
I'm sorry, have not had the time to try this at all.
from ldap_fluff.
Could this be solved with #71?
from ldap_fluff.