LDAP Authentication in 4.2

Discussion:

zenoR

2012-09-24 15:44:21 UTC

zenoR [http://community.zenoss.org/people/zenoR] created the discussion

"LDAP Authentication in 4.2"

To view the discussion, visit: http://community.zenoss.org/message/68704#68704

--------------------------------------------------------------
Has LDAP authentication changed in zenoss 4.2? Are the following Docs still relevant: http://community.zenoss.org/docs/DOC-2510 http://community.zenoss.org/docs/DOC-2510

I'm looking to implement it sometime soon and if anyone has any advice or experience, please share.

Thank you!
--------------------------------------------------------------

Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/68704#68704]

Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]

kenhen93

2012-09-24 19:35:19 UTC

Permalink

kenhen93 [http://community.zenoss.org/people/kenhen93] created the discussion

"Re: LDAP Authentication in 4.2"

To view the discussion, visit: http://community.zenoss.org/message/68722#68722

--------------------------------------------------------------
Yes those directions are still revelvant. I commented at the bottom of that post saying I was able to install ldap on x64 4.2 core. I actually tried newer packages but they require too many prereqs.
--------------------------------------------------------------

Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/68722#68722]

Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]

harpermann

2013-08-10 00:49:38 UTC

Permalink

harpermann [http://community.zenoss.org/people/harpermann] created the discussion

"Re: LDAP Authentication in 4.2"

To view the discussion, visit: http://community.zenoss.org/message/74331#74331

--------------------------------------------------------------
This worked with CentOS 6.4 with the latest core-autodeploy.sh (zenoss-4.2.4-1859.el6.x86_64)

zenoss> easy_install python-ldap
zenoss> easy_install LDAPMultiPlugins
zenoss> easy_install LDAPMultiPlugins
zenoss> zopectl restart

Then did this: http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/ http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/
My config needed cn for the user name

http://community.zenoss.org/message/30124#30124#30124 http://community.zenoss.org/message/30124#30124 got the groups working but I basically just mapped an LDAP group to the zenoss Manager group from the groups tab.

Nice stuff!
--------------------------------------------------------------

Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/74331#74331]

Start a new discussion in zenoss-users at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]

thomas

2013-09-06 08:54:23 UTC

Permalink

thomas [http://community.zenoss.org/people/thomas] created the discussion

"Re: LDAP Authentication in 4.2"

To view the discussion, visit: http://community.zenoss.org/message/74581#74581

--------------------------------------------------------------
I have followed the guide on http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/ http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/ as well (username is uid) and it is working for me, I have used the following versions:

Products.LDAPMultiPlugins-1.14.tar.gz
Products.LDAPUserFolder-2.26.tar.gz
python-ldap-2.4.13.tar.gz

However there is a bug in Products.LDAPUserFolder-2.26.tar.gz, I have just made a bugreport here:

https://bugs.launchpad.net/ldapuserfolder/+bug/1221624 https://bugs.launchpad.net/ldapuserfolder/+bug/1221624

I'm not sure what exact impact the bug has, but I was noticing some WARNINGS when I restarted zenoss, and I don't like that.

Otherwise it is pretty simple, as long as you know all details of your ldap-setup :-)

If you are using ldaps (ldap over ssl) then remember that the certificate must be trusted, I had to follow this procedure: http://www.bradchen.com/blog/2012/08/openldap-tls-issue http://www.bradchen.com/blog/2012/08/openldap-tls-issue because our ldap-server has a self-signed certificate.

I'm not using groups in LDAP and my username is UID.
--------------------------------------------------------------

Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/74581#74581]

Start a new discussion in zenoss-users at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]