[ome-users] LDAP authentication on mac Xserver

Alex Sossick ajs17 at cam.ac.uk
Mon Jun 15 17:43:49 BST 2009 

Hi Josh

LDAP works!!
Thanks for the info,

omero:omero_dist ajs17$ bin/omero config get
omero.ldap.base=dc=OD-Master,dc=local
omero.ldap.config=true
omero.ldap.urls=ldap://odmaster......:389

A major problem I had was that we would prefer to use UID, and not cn,  on
our LPAD server uid is always a unique set of letters and numbers (ajs17)

Can we us UID instead of cn to identify people?
Our concern is we might have 3 James Smith's, but they will all have a
unique UID

Thanks

Alex

josh.moore at gmx.de at josh.moore at gmx.de wrote on 15/6/09 13:06:

> 
> Hi Alex,
> 
> You will need to also set "omero.ldap.base" to something other than
> "ou=example,o=com". The LDAP plugin:
> 
>   https://www.openmicroscopy.org/site/support/omero4/server/install-ldap
> 
> uses four properties to check for membership, by:
> 
>     * Allowing every ''inetOrgPerson'' under omero.ldap.base to login
>     * but restricting access based upon membership in omero.ldap.groups
>     * but restricting access based upon the entry's attributes
>       matching omero.ldap.attributes and omero.ldap.values
> 
> Hope that helps.
> ~Josh
> 
> 
> Alex Sossick writes:
>> Dear All
>> 
>> I am now trying to use our ldap server running on a mac Xserver to
>> authenticate against.
>> 
>> So I asked our LDAP person what info I needed to know and got given the
>> machine address and the username.
>> 
>> Does anyone have any ideas why it does not work? Or what I should try?
>> 
>> Thanks
>> 
>> Alex
>> 
>> --==--
>> 
>> bin/omero config set omero.ldap.urls ldap://odmaster.address.....:389
>> bin/omero config set omero.ldap.username dc=OD-Master,dc=local
>> --==--
>> I then tried bin/omero config get
>> 
>> omero:omero_dist ajs17$ bin/omero config get
>> omero.db.name=omero
>> omero.db.pass=abc
>> omero.db.user=omero
>> omero.ldap.urls=ldap://odmaster.address....389
>> omero.ldap.username=dc=OD-Master,dc=local
>> 
>> --==--
>> 
>> The  Blitz log
>> 
>> more var/log/Blitz-0.log -tail
>> 
>> 2009-06-15 11:09:00,014 INFO  [ ome.services.blitz.fire.SessionManagerI]
>> (r_Worker-5) Performing requestHeartbeats
>> 2009-06-15 11:11:19,821 INFO  [        ome.services.util.ServiceHandler]
>> (l.Server-3)  Executor.doWork --
>> ome.services.sessions.SessionManagerImpl.executeCheckPassword
>> 2009-06-15 11:11:19,821 INFO  [        ome.services.util.ServiceHandler]
>> (l.Server-3)  Args:    [null,
>> ome.tools.spring.InternalServiceFactory at 293051]
>> 2009-06-15 11:11:19,827 INFO  [         ome.security.basic.EventHandler]
>> (l.Server-3)  Auth:    user=0,group=0,event=null(Sessions)
>> 2009-06-15 11:11:19,832 INFO  [        ome.services.util.ServiceHandler]
>> (l.Server-3)  Rslt:    false
>> 
>> --===---
>> 
>> -- 
>> Alex Sossick
>> Wellcome Trust/Cancer Research UK Gurdon Institute
>> University of Cambridge
>> Tennis Court Rd
>> Cambridge CB2 1QN
>> UK
>> 
>> email ajs17 at cam.ac.uk
>> tel 01223 334082
> _______________________________________________
> ome-users mailing list
> ome-users at lists.openmicroscopy.org.uk
> http://lists.openmicroscopy.org.uk/mailman/listinfo/ome-users

-- 
Alex Sossick
Wellcome Trust/Cancer Research UK Gurdon Institute
University of Cambridge
Tennis Court Rd
Cambridge CB2 1QN
UK

email ajs17 at cam.ac.uk
tel 01223 334082

More information about the ome-users mailing list