add support for eDir LDAP type #17
Comments
included error message and answer-file: https://gist.github.com/rackergs/537e4fd9b5983f70a19d
Simple bind anonymously:

```
irb(main):015:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls)
=> #<Net::LDAP:0x00000001303be8 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:anonymous}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):016:0> ldap.bind
=> true
irb(main):017:0> ldap.get_operation_result
=> #<OpenStruct code=0, message="Success">
```

Simple bind with auth the way ldap_fluff does it:

```
irb(main):001:0> require "net/ldap"
=> true
irb(main):002:0> server ='auth.mydomain.com'
=> "auth.mydomain.com"
irb(main):003:0> port = 636
=> 636
irb(main):008:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls)
=> #<Net::LDAP:0x000000012d3790 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:anonymous}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):009:0> uid=''
=> ""
irb(main):011:0> ldap.auth "uid=#{uid},#{@base}", password
=> {:method=>:simple, :username=>"uid=,", :password=>""}
irb(main):012:0> ldap.bind
=> false
irb(main):014:0> ldap.get_operation_result
=> #<OpenStruct code=21, message="unknown result (21)">
```

Simple bind and auth the way the Net::LDAP doc says to:

```
irb(main):024:0> ldap = Net::LDAP.new(:host => server, :port => port, :base => 'ou.Users,o=mydomain', :encryption => :simple_tls, :auth => { :method => :simple, :username => "cn=#{uid},ou=Users,o=mydomain", :password => password } )
=> #<Net::LDAP:0x00000001312aa8 @host="auth.mydomain.com", @port=636, @verbose=false, @auth={:method=>:simple, :username=>"cn=,ou=Users,o=mydomain", :password=>""}, @base="ou.Users,o=mydomain", @encryption={:method=>:simple_tls}, @open_connection=nil>
irb(main):025:0> ldap.bind
=> true
irb(main):026:0> ldap.get_operation_result
=> #<OpenStruct code=0, message="Success">
```
So the 2 things I take from this are:

1. simple_tls needs to be supported (and documented) as an encryption option for non-start_tls but still SSL'd connections (I re-ran that last successful attempt with :start_tls instead and I get the connection reset by peer)
2. the .bind? 's auth method doesn't seem right
The 'ou.Users' above is just a typo; the results with the correct data are the same.

Also, I noticed that #{@base} does not seem to be getting populated in that same example. So I just redid the example making sure the base was populated. Now the result is:

```
irb(main):022:0> ldap.get_operation_result
=> #<OpenStruct code=49, message="Invalid Credentials">
```

So I changed from uid= to cn= and re-ran the same thing and I get the success. Considering all the LDAP examples I've ever seen say cn=, what's with the uid=?
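Added example, not part of the thread and not ldap_fluff or Net::LDAP code: a sketch of building the simple-bind `auth` hash so that the naming attribute (`uid` vs `cn`) follows the directory type and an unpopulated base, user name or password is rejected before a bind is attempted. The method names, the `NAMING_ATTR` table and its `:posix` / `:edirectory` keys are hypothetical; only the `{:method, :username, :password}` hash shape comes from the transcript above.

```ruby
# Hypothetical helper, written for illustration only.
# Naming attribute per directory type (assumption drawn from the thread:
# ldap_fluff binds with uid=, the eDirectory server accepted cn=).
NAMING_ATTR = { posix: 'uid', edirectory: 'cn' }.freeze

# Escape a value for use inside a DN (special characters per RFC 4514).
def escape_dn_value(value)
  escaped = value.gsub(/[\\,+"<>;]/) { |c| "\\#{c}" }
  escaped = escaped.sub(/\A([ #])/) { "\\#{$1}" } # leading space or '#'
  escaped.sub(/ \z/) { '\\ ' }                    # trailing space
end

# Build the bind DN, refusing the "uid=," result seen in the transcript
# when the base or the user name is not populated.
def bind_dn(uid, base, directory: :posix)
  attr = NAMING_ATTR.fetch(directory) do
    raise ArgumentError, "unknown directory type: #{directory}"
  end
  raise ArgumentError, 'base DN is empty' if base.to_s.strip.empty?
  raise ArgumentError, 'user name is empty' if uid.to_s.strip.empty?
  "#{attr}=#{escape_dn_value(uid)},#{base}"
end

# Build the :auth hash for a simple bind. An empty password is refused:
# a simple bind with a DN and no password is an unauthenticated bind
# (RFC 4513), which some servers answer with success.
def simple_auth(uid, password, base, directory: :posix)
  raise ArgumentError, 'password is empty' if password.to_s.empty?
  { method: :simple,
    username: bind_dn(uid, base, directory: directory),
    password: password }
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample values, not taken from a real directory.
  p simple_auth('jdoe', 's3cret', 'ou=Users,o=mydomain', directory: :edirectory)
  p bind_dn('doe, j', 'ou=Users,o=mydomain')
end
```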
@gregswift Can you try #26 ?

@elobato is installing from your branch the best way to verify this?

That should work

I'm sorry, have not had the time to try this at all.

Could this be solved with #71?
described here: https://www.netiq.com/products/edirectory/
requested by @rackergs