Sep 24, 2012 11:44 AM
LDAP Authentication in 4.2
-
Like (0)
Has LDAP authentication changed in zenoss 4.2? Are the following Docs still relevant: docs/DOC-2510
I'm looking to implement it sometime soon and if anyone has any advice or experience, please share.
Thank you!
Yes those directions are still revelvant. I commented at the bottom of that post saying I was able to install ldap on x64 4.2 core. I actually tried newer packages but they require too many prereqs.
This worked with CentOS 6.4 with the latest core-autodeploy.sh (zenoss-4.2.4-1859.el6.x86_64)
zenoss> easy_install python-ldap
zenoss> easy_install products.ldapmultiplugins
zenoss> easy_install products.ldapuserfolder
zenoss> zopectl restart
Then did this: http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/
My config needed cn for the user name
message/30124#30124 got the groups working but I basically just mapped an LDAP group to the zenoss Manager group from the groups tab.
Nice stuff!
I have followed the guide on http://blogs.oregonstate.edu/sig/2013/03/28/enabling-ldap-authentication-in-zenoss-core-4-2-and-centos-6/ as well (username is uid) and it is working for me, I have used the following versions:
Products.LDAPMultiPlugins-1.14.tar.gz
Products.LDAPUserFolder-2.26.tar.gz
python-ldap-2.4.13.tar.gz
However there is a bug in Products.LDAPUserFolder-2.26.tar.gz, I have just made a bugreport here:
https://bugs.launchpad.net/ldapuserfolder/+bug/1221624
I'm not sure what exact impact the bug has, but I was noticing some WARNINGS when I restarted zenoss, and I don't like that.
Otherwise it is pretty simple, as long as you know all details of your ldap-setup :-)
If you are using ldaps (ldap over ssl) then remember that the certificate must be trusted, I had to follow this procedure: http://www.bradchen.com/blog/2012/08/openldap-tls-issue because our ldap-server has a self-signed certificate.
I'm not using groups in LDAP and my username is UID.
Follow Us On Twitter »
|
Latest from the Zenoss Blog » | Community | Products | Services Resources | Customers Partners | About Us | ||
Copyright © 2005-2011 Zenoss, Inc.
|
||||||||