Ask Your Question
0

Error Starting PE-Puppet-Dashboard-Workers Script

asked 2013-02-06 20:52:29 -0500

louis gravatar image

I followed the instructions to configure LDAP on Puppet Enterprise 2.7

http://docs.puppetlabs.com/pe/2.7/console_auth.html#using-third-party-authentication-services

I am trying to setup two different authenticators (SQL and Active Directory) and i have the following configuration for the rubycas-server/config.yml and console-auth/casclientconfig.yml

> authenticator:
>   -
>     class: CASServer::Authenticators::SQLEncrypted
>       database:
>       database: console_auth
>       adapter: mysql
>       password: fHGXDwDDGUFX6b4xhjjd
>       reconnect: true
>       username: console_auth
>       username_column: username
>       user_table: users
>   -
>     class: CASServer::Authenticators::ActiveDirectoryLDAP
>       ldap:
>       host: myserver
>       port: 2323
>       base: cn=xxxx,dc=yyy
>       filter: (objectClass=person)
>       auth_user: cn=_UserPuppet,ou=xxx,ou=xx,ou=ff,dc=xx ...
(more)
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2013-02-13 12:40:12 -0500

I have got this working before - I think the problem might be that your YAML is badly formatted in the config.yml - the indenting is really important to get the data loaded by the rubycas server properly:

authenticator:
  - class: CASServer::Authenticators::SQLEncrypted
    database:
      reconnect: true
      adapter: mysql
      database: console_auth
      username: console_auth
      password: 'xxxxxxxx'
    user_table: users
    username_column: username
  - class: CASServer::Authenticators::ActiveDirectoryLDAP
    ldap:
      host: 192.168.0.6
      port: 389
      base: dc=puppet-ad,dc=spence,dc=org,dc=uk,dc=local
      filter: (&(objectClass=person)(memberof=CN=puppetconsoleaccess,OU=Groups,DC=puppet-ad,DC=spence,DC=org,DC=uk,DC=local))
      auth_user: cn ...
(more)
edit flag offensive delete link more

Comments

It seems that worked using the following filter.

(&(objectCategory=person)(objectClass=user))

louis gravatar imagelouis ( 2013-04-09 12:37:20 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-02-06 20:52:29 -0500

Seen: 472 times

Last updated: Feb 13 '13