Ask Your Question
0

Enterprise Console LDAP authorization and the default administrator account.

asked 2013-09-25 11:53:01 -0500

pkoochin gravatar image

updated 2013-09-25 12:13:08 -0500

I'm trying to configure the Puppet Console to allow for LDAP authentication and I am able to authenticate with LDAP users but once I enable LDAP I'm now no longer able to sign in with the administrator account that I've specified during install.

Now, from the documentation I read:

The order in which authentication services are listed in the cas_client_config.yml file is the order in which the services will be checked for valid accounts. In other words, the first service that returns an account matching the entered user credential is the service that will perform authentication ... (more)

edit retag flag offensive close merge delete

Comments

Is the admin account the same login name as something that could return for LDAP?

Celia gravatar imageCelia ( 2013-09-25 12:20:17 -0500 )edit

It is however the local authentication is listed before the LDAP one and according to the docs the order in the config file is the order that the authentication is ...(more)

pkoochin gravatar imagepkoochin ( 2013-09-25 12:44:44 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2013-09-25 16:36:14 -0500

pkoochin gravatar image

I found the solution for this problem. It was a syntax problem in my config file. In the file /etc/puppetlabs/rubycas-server/config.yml I was using this format:

authenticator:
  class: CASServer::Authenticators::SQLEncrypted
  database:
    reconnect: true
    adapter: postgresql
    database: console_auth
    username: console_auth
    password: 'BLAH'
    host: localhost
    port: 5432
  user_table: users
  username_column: username

authenticator:
  class: CASServer::Authenticators::LDAP
  ldap:
    host: ldaphost.com
    port: 389
    base: o=blah
    username_attribute: uid
    filter: (FILTER)

When it should have been:

authenticator:
  - class: CASServer::Authenticators::SQLEncrypted
    database:
      reconnect: true
      adapter: postgresql
      database: console_auth
      username: console_auth
      password: 'BLAH'
      host: localhost
      port: 5432
    user_table: users
    username_column: username ...
(more)
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2013-09-25 11:53:01 -0500

Seen: 611 times

Last updated: Sep 25 '13