New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[dev.icinga.com #10659] LDAP group members are shown with their DN and membership registration does not work #2146
Comments
Updated by elippmann on 2015-11-17 11:49:39 +00:00
Hi, Could you please share your configuration for both the user and group backend? Best, |
Updated by greatexpectations on 2015-11-17 11:56:48 +00:00 Hi Eric, sure, however we were just using the default settings. /etc/icingaweb2/authentication.ini:
/etc/icingaweb2/groups.ini:
Excerpt from /etc/icingaweb2/resources.ini:
Regards |
Updated by Foxeronie on 2015-11-17 19:51:07 +00:00 I have the same problem. It worked until this commit
Also my settings: resources.ini
authentication.ini
groups.ini
|
Updated by jmeyer on 2015-11-23 12:18:51 +00:00 Hi all, we need more details about your environment to solve this appropriately, as it's working in our testing environment with ActiveDirectory and OpenLDAP.
Best regards, |
Updated by jmeyer on 2015-11-24 08:43:41 +00:00
|
Updated by jmeyer on 2015-11-24 08:46:01 +00:00
Applied in changeset 916c417. |
Updated by elippmann on 2015-11-26 10:18:50 +00:00
|
Updated by jorfermo on 2015-12-09 09:33:06 +00:00 I'm having the same problem even after applying the patch. AD users log in succesfully but the dashboard page shows: "Currently there is no dashlet available. Please contact the administrator." EDIT: It was a problem on my config. All's fine now. |
Updated by plarivee on 2016-06-16 13:19:06 +00:00 jorfermo wrote:
Can you elaborate on what was the problem in your config ? |
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10659
Created by greatexpectations on 2015-11-17 10:42:06 +00:00
Assignee: jmeyer
Status: Resolved (closed on 2015-11-24 08:46:01 +00:00)
Target Version: 2.1.1
Last Update: 2016-06-16 13:19:06 +00:00 (in Redmine)
Hi,
I have upgraded to Icingaweb2 2.1.0 on CentOS 7 using the Icinga Yum repository. Now we find that our ActiveDirectory authorization scheme which is based on group membership no longer works.
That is, users can still log in using their AD login and password (so user-based authentication works), but all they get is an empty dashboard with no options at all. We have defined roles based on AD group membership, and it seems that the association between users and groups can no longer be established with the last update.
AD groups are still listed in the UI (Configuration -> Authorization -> User Groups), but members are shown using their distinguished name (e.g. "CN=Full Name,OU=Users,DC=foo,DC=bar" instead of just "fname"). When inspecting AD users, no group memberships are shown.
Kind regards
Changesets
2015-11-24 08:45:49 +00:00 by jmeyer 916c417
The text was updated successfully, but these errors were encountered: