2014-05-12

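External authentication - Cloudera Manager 5 and OpenLDAP

I can't connect to Cloudera Manager with a user through LDAP.

I configured an LDAP server on the local machine, so the URI in Cloudera Manager is ldap://localhost/dc=example,dc=com

My ACL should allow anonymous authentication: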

access to attrs="userPassword"
    by anonymous auth
    by self write
    by * none

access to *
    by dn="uid=admin,dc=example,dc=com" write
    by self write
    by users read
    by anonymous auth

When I search manually, I can find the user:

[[email protected] openldap]# ldapsearch -x -L -b "ou=people,dc=example,dc=com" -s sub -H ldap://localhost -WD "cn=admin,dc=example,dc=com" 
Enter LDAP Password: 
version: 1 

# 
# LDAPv3 
# base <ou=people,dc=example,dc=com> with scope subtree 
# filter: (objectclass=*) 
# requesting: ALL 
# 

# people, example.com 
dn: ou=people,dc=example,dc=com 
objectClass: organizationalUnit 
ou: people 

# toto1, people, example.com 
dn: uid=toto1,ou=people,dc=example,dc=com 
objectClass: inetOrgPerson 
uid: toto1 
givenName: Toto1 
sn: tt1 
cn: Toto1 
o: Example 
title: System Administrator 
userPassword:: e1NTSEF9T0xKaFNiaG9xOUlJTFY1YU9vQ0JzZVp3MDlUaTB1Rmgg 

# search result 

# numResponses: 3 
# numEntries: 2 

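I use this pattern in the settings:

uid={0},ou=people,dc=example,dc=com

I have tried with and without the LDAP Bind User Distinguished Name and LDAP Bind Password.

When I try to connect, it says (translated from French) "Invalid username or password".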

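I tried a test connection with this user:

I used "toto1" as the username and "password" as the password. ({SSHA}OLJhSbhoq9IILV5aOoCBseZw09Ti0uFh = password)

I really don't know where the problem is.

Edit: I enabled logging on the OpenLDAP server and got this: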

May 12 15:38:39 evl2400469 slapd[14256]: conn=14 fd=11 ACCEPT from IP=127.0.0.1:33908 (IP=0.0.0.0:389) 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 BIND dn="cn=admin,dc=example,dc=com" method=128 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 BIND dn="cn=admin,dc=example,dc=com" mech=SIMPLE ssf=0 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=0 RESULT tag=97 err=0 text= 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)" 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SRCH attr=cn objectClass javaSerializedData javaClassName javaFactory javaCodeBase javaReferenceAddress javaClassNames javaRemoteLocation 
May 12 15:38:39 evl2400469 slapd[14256]: conn=14 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text= 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 fd=12 ACCEPT from IP=127.0.0.1:34083 (IP=0.0.0.0:389) 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 BIND dn="uid=toto1,ou=people,dc=example,dc=com" method=128 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 BIND dn="uid=toto1,ou=people,dc=example,dc=com" mech=SIMPLE ssf=0 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 RESULT tag=97 err=0 text= 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SRCH base="uid=toto1,ou=people,dc=example,dc=com" scope=0 deref=3 filter="(objectClass=*)" 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=2 UNBIND 
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 fd=12 closed 
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)" 
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH attr=cn objectClass javaSerializedData javaClassName javaFactory javaCodeBase javaReferenceAddress javaClassNames javaRemoteLocation 
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text= 

Can you help me? Thanks.

Regards, K.

Answer


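It has been some days; I found that SRCH base="" is not correct and must be provided in Cloudera Manager, even if the user pattern is already filled in.

I added the base pattern "dc=example,dc=com" and it works. Feeling stupid.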
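
One way to read the slapd log quoted in the question, as an added example that is not part of the original post: it pairs each BIND and SRCH line with its result by conn and op, which shows the user bind succeeding while the (member=...) search with base="" fails with err=32 (noSuchObject). The function and constant names are this example's own.

```python
import re
from collections import defaultdict

# Sample: a subset of the slapd lines quoted in the question.
SAMPLE_LOG = """\
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 BIND dn="uid=toto1,ou=people,dc=example,dc=com" method=128
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=0 RESULT tag=97 err=0 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SRCH base="uid=toto1,ou=people,dc=example,dc=com" scope=0 deref=3 filter="(objectClass=*)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SRCH base="" scope=2 deref=3 filter="(member=uid=toto1,ou=people,dc=example,dc=com)"
May 12 15:41:15 evl2400469 slapd[14256]: conn=14 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

NO_SUCH_OBJECT = 32  # LDAP result code noSuchObject
OP = re.compile(r"conn=(\d+) op=(\d+) (.*)")
BIND = re.compile(r'BIND dn="([^"]*)" method=')
SRCH = re.compile(r'SRCH base="([^"]*)" scope=\d+ deref=\d+ filter="(.*)"')
RESULT = re.compile(r"(?:SEARCH )?RESULT tag=\d+ err=(\d+)")


def diagnose(log_text):
    """Pair each BIND/SRCH with its RESULT by (conn, op) and summarise."""
    ops = defaultdict(dict)
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue  # ACCEPT/closed lines carry no op number
        op, rest = ops[(int(m.group(1)), int(m.group(2)))], m.group(3)
        if b := BIND.match(rest):
            op["bind_dn"] = b.group(1)
        elif s := SRCH.match(rest):
            op.update(base=s.group(1), filter=s.group(2))
        elif r := RESULT.match(rest):
            op["err"] = int(r.group(1))
    done = [(k, v) for k, v in sorted(ops.items()) if "err" in v]
    return {
        "binds_ok": [v["bind_dn"] for _, v in done
                     if "bind_dn" in v and v["err"] == 0],
        "failed_searches": [(conn, opid, v["base"], v["filter"], v["err"])
                            for (conn, opid), v in done
                            if "base" in v and v["err"] != 0],
    }


if __name__ == "__main__":
    report = diagnose(SAMPLE_LOG)
    print("successful binds:", report["binds_ok"])
    for conn, opid, base, flt, err in report["failed_searches"]:
        note = " (empty search base)" if base == "" else ""
        print(f"conn={conn} op={opid} err={err} base={base!r}{note} filter={flt}")
```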