Roland, If you need a quick fix, please look for a thread named "[REVIEW] MS LDAP Auth patch - UI CSS and Architecture help needed". Its about 10 lines of code to change and can be easily done in VI. If you get stuck - let me know.
Hugo posted a longterm fix in master branch, you can also try that if you are willing to go through rebuild process. I will try Hugo's patch after we settle with aftermath of hurricane Sandy. Regards ilya -----Original Message----- From: Roland Kool [mailto:roland.k...@tomtom.com] Sent: Wednesday, October 31, 2012 8:03 AM To: cloudstack-dev@incubator.apache.org Subject: RE: Status of LDAP/AD integration and CS4 Hi All, I'm also having issues getting LDAP authentication to work, but not against AD but OpenLDAP. Simple binds to OpenLDAP require password submitted in plaintext. I've tried to disable the md5Hash variables in sharedFunctions.js but that does not seem to work. So when reading about the PlainTextUserAuthenicator I wanted to try that as well, but when making the change in components.xml and restarting the management server, I get a class not found exception on PlainTextUserAuthenticator. When I checked the contents of cloud-server.jar there is indeed no such class. This is on Open Source CloudStack 3.0.2. Any idea why this is missing? Thanks Roland Kool | Sr. Systems Engineer | TomTom TechOps | ________________________________________ From: Suresh Sadhu [suresh.sa...@citrix.com] Sent: Thursday, October 25, 2012 8:35 AM To: cloudstack-dev@incubator.apache.org Subject: RE: Status of LDAP/AD integration and CS4 Can you try this:(refer this bug: CS-14680 CS and Ldap user validation can't happen simultaneously due to current limitation) Jessica Tomechak added a comment - 04/Oct/12 12:17 PM Additional information from Abhinandan P: Both cloudstack and LDAP account should work. In component.xml change this: <adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/> To <adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator"/> If not already done. -abhi Thanks Sadhu -----Original Message----- From: Kelcey Damage (BBITS) [mailto:kel...@bbits.ca] Sent: 25 October 2012 03:19 To: cloudstack-dev@incubator.apache.org Subject: RE: Status of LDAP/AD integration and CS4 This interests me greatly. KELCEY DAMAGE Infrastructure Systems Architect www.backbonetechnology.com ------------------------------------------------------------------------- kel...@bbits.ca address: 55 East 7th Ave, Vancouver, BC, V5T 1M4 tel: +1 604 713 8560 ext:114 fax: +1 604 605 0964 skype: kelcey.damage -----Original Message----- From: Musayev, Ilya [mailto:imusa...@webmd.net] Sent: Wednesday, October 24, 2012 2:36 PM To: cloudstack-dev@incubator.apache.org Subject: Status of LDAP/AD integration and CS4 In CS3.x, the Microsoft Active directory LDAP integration did not work because when password was submitted on login page, the sharedFunctions.js file has md5hashedLogin set to true, which in turn would encrypt user password as MD5 and then submit to management core to verify. This auth method works fine for regular local auth and probably other LDAP servers but definitely not with MS LDAP as it does not support MD5 hashed passwords as input. Is it still the case with CS4 or has anything changed? I wrote a fix for CS3.x and posted the solution on original/old bug tracker. I'm not certain if I need to do the same fix for 4.0 or we have this addressed. I looked at sharedFunctions.js file and it appears we are still doing the same thing. My AD login fails with invalid username and password - because CS4 submits my password as MD5 hash. As always, your feedback is appreciated. Thanks Ilya
