[ome-users] LDAP authentication on mac Xserver

josh.moore at gmx.de josh.moore at gmx.de
Mon Jun 15 13:06:11 BST 2009 

Hi Alex,

You will need to also set "omero.ldap.base" to something other than
"ou=example,o=com". The LDAP plugin:

  https://www.openmicroscopy.org/site/support/omero4/server/install-ldap

uses four properties to check for membership, by:

    * Allowing every ''inetOrgPerson'' under omero.ldap.base to login
    * but restricting access based upon membership in omero.ldap.groups
    * but restricting access based upon the entry's attributes
      matching omero.ldap.attributes and omero.ldap.values

Hope that helps.
~Josh


Alex Sossick writes:
 > Dear All
 > 
 > I am now trying to use our ldap server running on a mac Xserver to
 > authenticate against.
 > 
 > So I asked our LDAP person what info I needed to know and got given the
 > machine address and the username.
 > 
 > Does anyone have any ideas why it does not work? Or what I should try?
 > 
 > Thanks
 > 
 > Alex
 > 
 > --==--
 > 
 > bin/omero config set omero.ldap.urls ldap://odmaster.address.....:389
 > bin/omero config set omero.ldap.username dc=OD-Master,dc=local
 > --==--
 > I then tried bin/omero config get
 > 
 > omero:omero_dist ajs17$ bin/omero config get
 > omero.db.name=omero
 > omero.db.pass=abc
 > omero.db.user=omero
 > omero.ldap.urls=ldap://odmaster.address....389
 > omero.ldap.username=dc=OD-Master,dc=local
 > 
 > --==--
 > 
 > The  Blitz log
 > 
 > more var/log/Blitz-0.log -tail
 > 
 > 2009-06-15 11:09:00,014 INFO  [ ome.services.blitz.fire.SessionManagerI]
 > (r_Worker-5) Performing requestHeartbeats
 > 2009-06-15 11:11:19,821 INFO  [        ome.services.util.ServiceHandler]
 > (l.Server-3)  Executor.doWork --
 > ome.services.sessions.SessionManagerImpl.executeCheckPassword
 > 2009-06-15 11:11:19,821 INFO  [        ome.services.util.ServiceHandler]
 > (l.Server-3)  Args:    [null,
 > ome.tools.spring.InternalServiceFactory at 293051]
 > 2009-06-15 11:11:19,827 INFO  [         ome.security.basic.EventHandler]
 > (l.Server-3)  Auth:    user=0,group=0,event=null(Sessions)
 > 2009-06-15 11:11:19,832 INFO  [        ome.services.util.ServiceHandler]
 > (l.Server-3)  Rslt:    false
 > 
 > --===---
 > 
 > -- 
 > Alex Sossick
 > Wellcome Trust/Cancer Research UK Gurdon Institute
 > University of Cambridge
 > Tennis Court Rd
 > Cambridge CB2 1QN
 > UK
 > 
 > email ajs17 at cam.ac.uk
 > tel 01223 334082

More information about the ome-users mailing list