Could not login into bugzilla using LDAP
Sarav... vanaN
I could not login to the bugzilla server after configuring LDAP server.
Following are the details i used to configure LDAP.
LDAPbinddn - CN=LDAP Enginneer,OU=Company
Users,DC=domain,DC=company,DC=com:Password1
LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
LDAPuidattribute - sAMAccountName
LDAPmailattribute - mail
LDAPfilter - (&(objectClass=person)(sAMAccountName={User Name}))
These are the credentials i used to login.
The sAMAccountName in LDAP server for LDAP Engineer is - ldapeng
Bugizlla Login name - lda...@domain.company.com (or) ldapeng@domain
Bugzilla password - Password1
Error: Failed to bind to the LDAP server. The error message was: 80090308:
LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
The above credentials is not added to mysql database of bugzilla. Hope its
not required but its available in LDAP server.
At the same time using LDAPExplorerTool 2 i could see all the users of LDAP
from bugzilla server these tool is logging in.
Please help me to solve this issue.
Thanks,
Saravanan.T
On Sun, Aug 15, 2010 at 2:18 AM, Nick Couchman <Nick.C...@seakr.com>wrote:
> I have a situation where I'd like to use Bugzilla's LDAP authentication to
> look at multiple LDAP servers that have varying Base DNs. The gist of the
> situation is that I'd like Bugzilla to query our internal LDAP server, but
> I'm also setting up an LDAP server that will contain logins for some of our
> customers, partners, vendors, etc., and I'd it to query that system, as
> well. So, not only does it need to talk to multiple servers, but it needs
> to be able to associated a different Base DN with different servers.
>
> Has anyone done anything like this in Bugzilla, or does anyone know if it's
> possible?
>
> Thanks!
> -Nick
>
>
>
> --------
> This e-mail may contain confidential and privileged material for the sole
> use of the intended recipient. If this email is not intended for you, or
> you are not responsible for the delivery of this message to the intended
> recipient, please note that this message may contain SEAKR Engineering
> (SEAKR) Privileged/Proprietary Information. In such a case, you are
> strictly prohibited from downloading, photocopying, distributing or
> otherwise using this message, its contents or attachments in any way. If
> you have received this message in error, please notify us immediately by
> replying to this e-mail and delete the message from your mailbox.
> Information contained in this message that does not relate to the business
> of SEAKR is neither endorsed by nor attributable to SEAKR.
> _______________________________________________
> support-bugzilla mailing list
> support-...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/support-bugzilla
> PLEASE put support-...@lists.mozilla.org in the To: field when you
> reply.
>
fida
Normally the error "data 525" means that the ldapbinddn is not found
in the ldap directory.
Are you sure about the spelling ?
And users cannot be added in the database if bugzilla cannot connect
to the ldap directory.
Regards,
Fida
On 16 août, 08:45, "Sarav... vanaN" <ssofs.t...@gmail.com> wrote:
> Hi,
>
> I could not login to the bugzilla server after configuring LDAP server.
> Following are the details i used to configure LDAP.
>
> LDAPbinddn - CN=LDAP Enginneer,OU=Company
> Users,DC=domain,DC=company,DC=com:Password1
> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
> LDAPuidattribute - sAMAccountName
> LDAPmailattribute - mail
> LDAPfilter - (&(objectClass=person)(sAMAccountName={User Name}))
>
> These are the credentials i used to login.
>
> The sAMAccountName in LDAP server for LDAP Engineer is - ldapeng
>
> Bugizlla Login name - ldap...@domain.company.com (or) ldapeng@domain
> Bugzilla password - Password1
>
> Error: Failed to bind to the LDAP server. The error message was: 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
>
> The above credentials is not added to mysql database of bugzilla. Hope its
> not required but its available in LDAP server.
>
> At the same time using LDAPExplorerTool 2 i could see all the users of LDAP
> from bugzilla server these tool is logging in.
>
> Please help me to solve this issue.
>
> Thanks,
> Saravanan.T
>
> > support-bugzi...@lists.mozilla.org
> >https://lists.mozilla.org/listinfo/support-bugzilla
> > PLEASE put support-bugzi...@lists.mozilla.org in the To: field when you
> > reply.
Sarav... vanaN
Thanks for the response. Sorry. Yes there is a spelling mistake. Thanks for
pointing me the error.
Now i m getting Error: The username or password you entered is not valid.
Actually which credential should i use? Credential from mysql or Credential
from LDAP?
How it is releated to my LDAP configuration LDAPfiler?
Thanks,
Saravanan.T
> _______________________________________________
> support-bugzilla mailing list
> support-...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/support-bugzilla
> PLEASE put support-...@lists.mozilla.org in the To: field when you
> reply.
>
Sarav... vanaN
These are my login details in LDAP.
---------------------------------------------------
userPrincipalName: lda...@domain.company.com
sAMAccountName: ldapeng
password: Password1
There is no mail attribute...
login details in mysql
------------------------------
login_name: lda...@domain.company.com
realname: ldapeng
password: Password1
Bugzilla Configuration:
--------------------------------
LDAPbinddn - CN=LDAP
Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
LDAPuidattribute - sAMAccountName
emailsuffix - '@ptu.promise.com'
Note: Removed the LDAPmailattribute from bugzilla since there is no
attribute in LDAP and removed LDAPfilter.
I could able to login into bugzilla with the lda...@ptu.promise.com and
Password1 by having DB as active in user_verify_class. But after i change to
LDAP i could not. Also i tried as ldapeng and Password1, I could not.
Please help me.
Thanks,
Saravanan.T
On Mon, Aug 16, 2010 at 4:29 PM, fida aljounaidi
<fida.al...@gmail.com>wrote:
> Hi
>
> What credentials should you use for what? administrating Bugzilla or normal
> web interface use?
> If you want to change bugzilla parameters you can edit directly the file
> data/params on your installation.
> But for normal use of Bugzilla you have to use your ldap account.
> You can also use mix between ldap authentication and database
> authentication.
> When you use ldap authentication, the user information will be
> synchronized with bugzilla database (when user connect for the first time).
> to be able to use bugzilla, user information must be set on the database.
> LDAPFilter is important because it defines rule on how to find user list on
> your ldap installation. I suggest you to delete the filter
> (sAMAccountName={User Name})) .
> Are you sure about the user ObjectClass=person?
>
> Fida
>
>
>
>
> On 16 August 2010 12:30, Sarav... vanaN <ssofs...@gmail.com> wrote:
>
>> Hi Fida,
>>
>> Thanks for the response. Sorry. Yes there is a spelling mistake. Thanks
>> for pointing me the error.
>>
>> Now i m getting Error: The username or password you entered is not valid.
>>
>> Actually which credential should i use? Credential from mysql or
>> Credential from LDAP?
>>
>> How it is releated to my LDAP configuration LDAPfiler?
>>
>>
>> Thanks,
>> Saravanan.T
>>
>> On Mon, Aug 16, 2010 at 3:41 PM, fida <fida.al...@gmail.com> wrote:
>>
>>> _______________________________________________
>>> support-bugzilla mailing list
>>> support-...@lists.mozilla.org
>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>> PLEASE put support-...@lists.mozilla.org in the To: field when you
>>> reply.
>>>
>>
>>
>
fida aljounaidi
details inspite of mailregex.
Are you using the email address as userPrincipalName for all the account? If
it is the case, you can put userPrincipalName as "ldapmailattribute".
your DN is : CN=LDAP Engineer,OU=Company Users,DC=domain,DC=company,DC=com,
right?
Are you changing your parameters from data/params or from the interface?
Can you try to make a siple ldapsearch request binding with this account?
Fida
On 16 August 2010 13:50, Sarav... vanaN <ssofs...@gmail.com> wrote:
> Hi,
>
> These are my login details in LDAP.
> ---------------------------------------------------
>
> userPrincipalName: lda...@domain.company.com
> sAMAccountName: ldapeng
> password: Password1
> There is no mail attribute...
>
>
> login details in mysql
> ------------------------------
>
> login_name: lda...@domain.company.com
> realname: ldapeng
> password: Password1
>
>
> Bugzilla Configuration:
> --------------------------------
>
> LDAPbinddn - CN=LDAP
> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>
> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
> LDAPuidattribute - sAMAccountName
>>>> _______________________________________________
>>>> support-bugzilla mailing list
>>>> support-...@lists.mozilla.org
>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>> PLEASE put support-...@lists.mozilla.org in the To: field when you
>>>> reply.
>>>>
>>>
>>>
>>
>
Sarav... vanaN
Actually the problem is I am new to LDAP also I dont have LDAP access, its
in client place. Only thing i can do is that using LDAPExplorerTool2 i can
see the users and DN of LDAP. I dont know what you meant by simple search in
LDAP.
Yes my DN is : CN=LDAP
Engineer,OU=Company Users,DC=domain,DC=company,DC=com. Verified with the
LDAPExplorer tool.
I didn't logged out from my administrator account, so I could change the
parameters from interface itself.
I tried configuring userPrincipalName as LDAPmailattribute again it results
to same error.
Thanks,
Saravanan.T
On Mon, Aug 16, 2010 at 5:57 PM, fida aljounaidi
<fida.al...@gmail.com>wrote:
> It could be easier if you add the mail attribute to the ldap account
>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>
>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>> LDAPuidattribute - sAMAccountName
>>>>> _______________________________________________
>>>>> support-bugzilla mailing list
>>>>> support-...@lists.mozilla.org
>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>> you reply.
>>>>>
>>>>
>>>>
>>>
>>
>
Sarav... vanaN
sAMAccountName for login into bugzilla?
Thanks for your responses.
Saravanan.T
>>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>>
>>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>>> LDAPuidattribute - sAMAccountName
>>>>>> _______________________________________________
>>>>>> support-bugzilla mailing list
>>>>>> support-...@lists.mozilla.org
>>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>>> you reply.
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
fida aljounaidi
you can have the list with anonymous bind?
If first, it's OK, that's mean that you can connect to ldap directory with
you credentials. You do't have to try and search request.
Otherwise, simple search is executing ldapsearch for example like this
ldapsearch -b "OU=Company Users,DC=domain,DC=company,DC=com" -D "CN=LDAP
engineer,OU=Company Users,DC=domain,DC=company,DC=com" -w password1 -x -h
ldapserveraddress "(objectClass=person))"
To see if you can search for users with your binding.
By the way, which OS are you using?
Thanks
Fida
>>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>>
>>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>>> LDAPuidattribute - sAMAccountName
>>>>>> _______________________________________________
>>>>>> support-bugzilla mailing list
>>>>>> support-...@lists.mozilla.org
>>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>>> you reply.
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
Sarav... vanaN
Password1.
I m using Windows 2008 server.
Thanks,
Saravanan.T
On Mon, Aug 16, 2010 at 6:48 PM, fida aljounaidi
<fida.al...@gmail.com>wrote:
>>>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>>>
>>>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>>>> LDAPuidattribute - sAMAccountName
>>>> emailsuffix - '@ptu.promise.com'
>>>> Note: Removed the LDAPmailattribute from bugzilla since there is no
>>>> attribute in LDAP and removed LDAPfilter.
>>>>
>>>>
>>>> I could able to login into bugzilla with the lda...@ptu.promise.comand Password1 by having DB as active in user_verify_class. But after i
>>>>>>> _______________________________________________
>>>>>>> support-bugzilla mailing list
>>>>>>> support-...@lists.mozilla.org
>>>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>>>> you reply.
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
Sarav... vanaN
lot of effort for this but i was not able to login.
Thanks Thanks a lot,
Saravanan.T
On Mon, Aug 16, 2010 at 6:57 PM, fida aljounaidi
<fida.al...@gmail.com>wrote:
> You have to login with the "LDAPuidattribute" so here it is the
> sAMAccountName.
>
>
>
> On 16 August 2010 14:58, Sarav... vanaN <ssofs...@gmail.com> wrote:
>
>> And one doubt is should I used userPrincipleName that email or
>> sAMAccountName for login into bugzilla?
>>
>> Thanks for your responses.
>>
>>>>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>>>>
>>>>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>>>>> LDAPuidattribute - sAMAccountName
>>>>>>>> _______________________________________________
>>>>>>>> support-bugzilla mailing list
>>>>>>>> support-...@lists.mozilla.org
>>>>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>>>>> you reply.
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
fida aljounaidi
>>>> Engineer,OU=Company Users,DC=domain,DC=company,DC=com:Password1
>>>>
>>>> LDAPBaseDN - OU=Company Users, DC=domain, DC=company, DC=com
>>>> LDAPuidattribute - sAMAccountName
>>>>>>> _______________________________________________
>>>>>>> support-bugzilla mailing list
>>>>>>> support-...@lists.mozilla.org
>>>>>>> https://lists.mozilla.org/listinfo/support-bugzilla
>>>>>>> PLEASE put support-...@lists.mozilla.org in the To: field when
>>>>>>> you reply.
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>