Project

General

Profile

I need help with LDAP user accounts

Added by Daniel Wells about 12 years ago

I set up a Redmine Bitnami appliance (openSuse) and in the setup I was having problems authenticating users. I am using LDAP against eDirectory with the "on-the-fly user creation" checked.

My environment is:

About your application's environment
Ruby version 1.8.7 (i686-linux)
RubyGems version 1.6.2
Rack version 1.1.1
Rails version 2.3.14
Active Record version 2.3.14
Active Resource version 2.3.14
Action Mailer version 2.3.14
Active Support version 2.3.14
Application root /opt/bitnami/apps/redmine
Environment production
Database adapter mysql
Database schema version 20110902000000

The LDAP authentication uses

Login = cn
First Name = givenname
Last Name = sn
Email = mail

I ran a "ndstrace" identifying the LDAP and authentiation things and noted that Redmine is adding something to the user name. The trace found the failing user named "test" was being sent as "<.test.mhtn_com.SLC.MHTN.MHTN_TREE.>" and the successful user "test1" was being sent as "<.Test1.SLC.MHTN.MHTN_TREE.>".

What would cause two users to be sent differently?


Replies (3)

RE: I need help with user accounts - Added by Daniel Wells about 12 years ago

I set up a second Redmine VM and went at the problem from a clean instance. With only the initial admin user I set up the LDAP authentication. It was not the problem I thought, but the problem is still there. Some users can log in and others cannot.

RE: I need help with user accounts - Added by Daniel Wells about 12 years ago

It would appear that Redmine is adding something to the user name. A trace found the failing user named "test" was being sent as "<.test.mhtn_com.SLC.MHTN.MHTN_TREE.>" and the successful user "test1" was being sent as "<.Test1.SLC.MHTN.MHTN_TREE.>".

What would cause two users to be sent differently?

RE: I need help with LDAP user accounts - Added by Daniel Wells about 12 years ago

Ah-ha, the problem has been found. The eDirectory tree has DNS and DHCP information in it and someone had a device named the same as the user.

    (1-3/3)