Ask Your Question
1

Problem with active directory authentication

asked 2014-03-12 13:50:55 -0600

sam gravatar image

updated 2014-03-12 17:13:07 -0600

Stefan gravatar image

Problem with active directory authentication. Enabling active directory authentication overrides local authentication. (i.e I am unable to log in with my local credentials). Is there a reason for this? I edited the code below with my information and replaced objectClass = person with bbjectClass= user. If anyone has another way of doing this please advice.

authenticator:
  - class: CASServer::Authenticators::ActiveDirectoryLDAP
    ldap:
      host: ad.example.net
      port: 389
      base: dc=example,dc=net
      filter: (objectClass=person)
      auth_user: authenticator
      auth_password: itsasecret
edit retag flag offensive close merge delete

Comments

can you please clarify about what product you are talking about? Is this some application you deploy with puppet, or a puppet application itself (like puppet dashboard or puppet console)

Stefan gravatar imageStefan ( 2014-03-12 14:27:17 -0600 )edit

I am setting up active directory authentication on a test environment for PE 3.2 where all the components like db, console and master are installed on the same box.

sam gravatar imagesam ( 2014-03-12 15:30:37 -0600 )edit

I have been following the steps to configure active directory based on the documentation provided on the website. But the moment I uncomment the AD section in config.yml my ...(more)

sam gravatar imagesam ( 2014-03-12 15:32:25 -0600 )edit

I guess you are referring to http://docs.puppetlabs.com/pe/latest/console_config.html#configuring-rubycas-serverconfigyml. Have you replaced the CASServer::Authenticators::SQLEncrypted section (like your pasted configuration suggest) or merely ...(more)

Stefan gravatar imageStefan ( 2014-03-12 17:16:03 -0600 )edit

I did not replace CASServer::Authenticators::SQLEncrypted section, I just added the authentication section for the active directory below it. Which is why I don't understand why it bypasses ...(more)

sam gravatar imagesam ( 2014-03-12 18:15:39 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2014-03-17 17:17:25 -0600

chsnell gravatar image

updated 2014-03-17 17:34:30 -0600

Stefan gravatar image

You need to make the authenticator piece an array in the rubycas-server/config.yml file. Make sure the local authentication section is not commented out, then uncomment your AD section, but leave the "authenticator:" line commented, and that should work for you. You'll probably want the local authentication database before the AD section.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2014-03-12 13:50:55 -0600

Seen: 523 times

Last updated: Mar 17 '14