Not easily, no. However, there is work in progress to add the capability to manage LDAP accounts via CloudStack (creating a user in CloudStack would create them in LDAP). That's a Google Summer of Code student project, so it's probably not going to be out until 4.3 (end of year).
On Tue, Jul 16, 2013 at 4:21 PM, Dean Kamali <[email protected]> wrote: > shanker > > Thank you so much, I have used CloudMonkey and worked from the first try, I > haven't had much success with using the URL and browser. > > I'm now able to use ldap passwords to log in,for existing users > in CloudStack, now the natural question follows, is there is away I could > sync ldap users with CloudStack? > > Thank you > > > On Tue, Jul 16, 2013 at 11:27 AM, Shanker Balan < > [email protected] > > wrote: > > > On 15-Jul-2013, at 9:05 PM, Dean Kamali <[email protected]> wrote: > > > > okay, I have been trying to excite the following in my browser > > > > http://10.0.10.5:8080/client/api? > > > command=ldapConfig&hostname=10.0.10.43&searchbase=OU%3DUsers,DC%3Dmidnetworks,DC%3Dcorp&queryfilter=%28%26%28uid%3D%25u%29%29&binddn=CN%3Dadmin,DC%3Dmidnetworks,DC%3Dcorp&bindpass=password&port=389&response=json > > < > > > http://10.0.10.5:8080/client/api?command=ldapConfig&hostname=10.0.10.43&searchbase=OU%3DUsers,DC%3Dmidnetworks,DC%3Dcorp&queryfilter=%28%26%28uid%3D%25u%29%29&binddn=CN%3Dadmin,DC%3Dmidnetworks,DC%3Dcorp&bindpass=rootboot&port=389&response=json > > > > > > > > > where 10.0.10.5 is my CloudStack Management server and 10.0.10.43 is > > the OpenLDAP server > > > > > > The response in the browser is > > > > { "ldapconfigresponse" : {"errorcode":401,"errortext":"unable to > > verify user credentials and/or request signature"} } > > > > > > Any ideas on what do I need to check? > > > > > > > > Hi Dean, > > > > I just setup CloudStack 4.1 to use Active Directory via OpenLDAP proxies > > and it works fine. One thing that I did differently is to use CloudMonkey > > CLI to add the LDAP configuration. > > > > $ cloudmonkey > > cloudmonkey> api ldapConfig hostname=1.2.3.4 searchbase=DC=XXX,DC=LOCAL > > queryfilter=(uid=%u) binddn=CN=XXX,DC=XXX,DC=LOCAL bindpass=1.2.3.4 > port=389 > > ldapconfig: > > binddn = CN=xxxx > > hostname = 1.2.3.4 > > port = false > > queryfilter = (uid=%u) > > searchbase = DC=XXX,DC=LOCAL > > > > I assumed that CloudStack would automatically populate the user entry on > > successful authentication which it did not. > > > > You need to create an identical user in CloudStack else authentication > > will fail. The other thing is that CloudStack allows only one ldap server > > to connect to. Will need to use a LB in front of the LDAP servers in case > > you need HA for authentication. > > > > Hth. > > @shankerbalan > > > > > > > > Thanks > > > > > > > > On Mon, Jul 15, 2013 at 11:35 AM, Dean Kamali <[email protected]> > > wrote: > > > > In fact, I will set it up today, and let you guys know > > > > > > On Mon, Jul 15, 2013 at 11:33 AM, Gavin Henry <[email protected] > >wrote: > > > > Installation of OpenLDAP: > > http://imduffy15.blogspot.ie/2013/06/setting-up-openldap-server.html > > > > > > Hi all, > > > > If you're doing this for a production system please don't use any > > distro bundled version of OpenLDAP especially on Red Hat and CentOS > > distros. Debian isn't too bad and either is Ubuntu. Please get a > > proper up to date version from: > > > > http://ltb-project.org/wiki/download > > > > Thanks, > > > > Gavin. ([email protected]) > > > > -- > > Kind Regards, > > > > Gavin Henry. > > Managing Director. > > > > T +44 (0) 1224 279484 > > M +44 (0) 7930 323266 > > F +44 (0) 1224 824887 > > E [email protected] > > > > Open Source. Open Solutions(tm). > > > > http://www.suretecsystems.com/ > > > > Suretec Systems is a limited company registered in Scotland. Registered > > number: SC258005. Registered office: 24 Cormack Park, Rothienorman, > > Inverurie, > > Aberdeenshire, AB51 8GL. > > > > Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html > > > > Do you know we have our own VoIP provider called SureVoIP? See > > http://www.surevoip.co.uk > > > > Did you see our API? http://www.surevoip.co.uk/api > > > > > > > > > > -- > > Shanker Balan > > Managing Consultant > > > > > > > > M: +91 98860 60539 > > [email protected] | www.shapeblue.com | Twitter:@shapeblue > > ShapeBlue India, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - > > 560 055 > > > > This email and any attachments to it may be confidential and are intended > > solely for the use of the individual to whom it is addressed. Any views > or > > opinions expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > the > > intended recipient of this email, you must neither take any action based > > upon its contents, nor copy or show it to anyone. Please contact the > sender > > if you believe you have received this email in error. Shape Blue Ltd is a > > company incorporated in England & Wales. ShapeBlue Services India LLP is > > operated under license from Shape Blue Ltd. ShapeBlue is a registered > > trademark. > > >
