Missing an LDAP Bind DN?

[Joe Campbell]

There is currently no way to set a bind DN for a bind user to access
the LDAP. My ldap does not support anonymous binding. Am I missing
this config or is truly not there?

[Joe Campbell]

Never mind - I found this after looking at how the code worked. This
is currently listed as an Anonymous Bind Mask/Anonymous User Mask and
an Anonymous User Password. These are actually the BIND DN and BIND
Password that I was looking for and are just very badly mislabeled on
the site.

Thanks,
Joe

[Tamer Afify]

Wow, who named those labels MUST be different from who coded the authentication, or he is super dum. I have been days trying to figure out what is wrong with my ldap login. I'm sure you did too in this 8days. I should have re-engineered the code to figure how to use a reviewboard feature. That is how the world should go forward.

Really thankful for your post here.

[Christian Hammond]

It's the result of a number of patches changing the logic over the years without keeping the UI in sync.

This is much improved in 2.0.

Christian

--
Christian Hammond - chi...@chipx86.com
Review Board - http://www.reviewboard.org

Beanbag, Inc. - http://www.beanbaginc.com

--
Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
---
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
---

Happy user? Let us know at http://www.reviewboard.org/users/

---
You received this message because you are subscribed to the Google Groups "reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Stephen Gallagher]

On 02/23/2014 02:01 PM, Christian Hammond wrote:
> It's the result of a number of patches changing the logic over the years
> without keeping the UI in sync.
>
> This is much improved in 2.0.
>
> Christian
>
> --

> Christian Hammond - chi...@chipx86.com <mailto:chi...@chipx86.com>

> Review Board - http://www.reviewboard.org
> Beanbag, Inc. - http://www.beanbaginc.com
>
>
> On Sun, Feb 23, 2014 at 10:18 AM, Tamer Afify <tamer...@gmail.com
> <mailto:tamer...@gmail.com>> wrote:
>
> Wow, who named those labels MUST be different from who coded the
> authentication, or he is super dum. I have been days trying to
> figure out what is wrong with my ldap login. I'm sure you did too in
> this 8days. I should have re-engineered the code to figure how to
> use a reviewboard feature. That is how the world should go forward.
>
> Really thankful for your post here.
>

As Christian notes, I submitted patches to vastly improve this for 2.0
(which were merged into Review Board 2.0 beta3):

https://reviews.reviewboard.org/r/5203/

[Tamer Afify]

Thanks Christian & Stephen for fixing this. It really made me hit my head for a while.

My corporate un-organized ldap directory shows that my reviewboard users are scattered under different OUs. How can I configure authentication to allow all my users to login?

i.e. one user is 

cn=ford,ou=company Users,ou=location,dc=domain1,dc=domain2

while another is  

cn=tesla,ou=Users,ou=location,dc=domain1,dc=domain2 

currently I set my LDAP Base DN: to tesla user OU and if any user from Ford OU login I get the following warning in reviewboards.log and fails to login

WARNING -  - LDAP error: The specified object does not exist in the Directory: sAMAccountName=ford

Also it would be great if you document for us what should be in Anonymous User Mask/Password?

I appreciate your support and can't wait to read your reply

[Stephen Gallagher]

That's a specific issue I fixed with the new patches. It sounds like we
may want to backport that for the 1.7.x series.

Christian, is that a patch you'd be willing to accept? I know 1.7.x is
kind of winding down now.

[Tamer Afify]

Not sure why network administrators do such a variation of ou users, but it seems to be quite common. I'll appreciate if that feature would be available.

Thanks,