Hi dear community, I have the following problem with openldap.
In version 1.2 of indico the connection with ldap (apacheds) was carried out as follows:
('LDAP', {# by default the port is 389 if you do not specify.
# 'uri': 'ldap://ldap.mydomain.net:8080',
# use TLS (do so, if your server allows)
'useTLS': False,
# filter parameters for users, base DN to use
'peopleDNQuery': ('uid={0}', 'ou=person,dc=mydomain,dc=net'),
# filter parameters for groups, base DN to use
'groupDNQuery': ('cn={0}',
'OU=groups,dc=mydomain,dc=net'),
# SLAPD or ActiveDirectory
'groupStyle': 'SLAPD',
# access credentials of a user with read access
'accessCredentials': ('cn=admin,dc=mydomain,dc=net',
'xxxxxxxxxxxxxx'),
})
When migrating to the 2.2.5 version of Indico, the following configuration (for openldap) was attempted:
_ldap_config = {
'uri': 'ldap://ldap.mydomain.net:8080',
'bind_dn': 'cn=admin,dc=mydomain,dc=net',
'bind_password': 'xxxxxxxxxxxxx',
'timeout': 30,
'verify_cert': False,
'page_size': 1500,
# 'uid': 'cn',
'user_base': 'ou=person,dc=mydomain.dc=net',
'user_filter': '(uid={0}, ou=person,dc=mydomain,dc=net)',
'gid': 'cn',
'group_filter': ('cn={0}','ou=groups,dc=mydomain,dc=net'),
'member_of_attr': 'memberOf',
'ad_group_style': False
}
AUTH_PROVIDERS = {
'ldap': {
'type': 'ldap',
'title': 'LDAP',
'ldap': _ldap_config,
'default': False
}
}
IDENTITY_PROVIDERS = {
'ldap': {
'type': 'ldap',
'title': 'LDAP',
'ldap': _ldap_config,
'mapping': {
'first_name': 'givenName',
'last_name': 'sn',
'username': 'cn',
'email': 'mail',
},
'trusted_email': True,
'default_group_provider': True,
'synced_fields': {'first_name', 'last_name', 'address'}
}
}
but I get the following error:
The log shows the following:
2019-12-30 17:11:09,921 INFO cbf3a78cb9d84efa indico.rh POST /login/ [IP=190.xx.xx.xx] [PID=25529] [UID=None]
2019-12-30 17:11:09,944 ERROR cbf3a78cb9d84efa indico.flask {'desc': u'No such object'}
Traceback (most recent call last):
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask/app.py", line 1949, in full_dispatch_request
rv = self.dispatch_request()
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask/app.py", line 1935, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/indico/web/flask/util.py", line 84, in wrapper
return obj().process()
File "/opt/indico/.venv/local/lib/python2.7/site-packages/indico/web/rh.py", line 275, in process
res = self._do_process()
File "/opt/indico/.venv/local/lib/python2.7/site-packages/indico/web/rh.py", line 245, in _do_process
rv = self._process()
File "/opt/indico/.venv/local/lib/python2.7/site-packages/indico/modules/auth/controllers.py", line 89, in _process
response = multipass.handle_login_form(provider, form.data)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask_multipass/core.py", line 459, in handle_login_form
response = provider.process_local_login(data)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask_multipass/providers/ldap/providers.py", line 75, in process_local_login
user_dn, user_data = get_user_by_id(username, attributes=[self.ldap_settings['uid']])
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask_multipass/providers/ldap/operations.py", line 58, in get_user_by_id
return find_one(current_ldap.settings['user_base'], user_filter, attributes=attributes)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/flask_multipass/providers/ldap/util.py", line 177, in find_one
timeout=current_ldap.settings['timeout'], sizelimit=1)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 1266, in search_ext_s
return self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 1204, in _apply_method_s
return func(self,*args,**kwargs)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 848, in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 740, in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 744, in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 751, in result3
resp_ctrl_classes=resp_ctrl_classes
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 758, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 331, in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
File "/opt/indico/.venv/local/lib/python2.7/site-packages/ldap/ldapobject.py", line 315, in _ldap_call
result = func(*args,**kwargs)
NO_SUCH_OBJECT: {'desc': u'No such object'}
any ideas?
thanks