[ome-users] LDAP problems
Wood, Christopher
CJW at stowers.org
Wed Jun 17 14:58:03 BST 2015
Hi,
We just upgraded OMERO from 5.0.6 to 5.1.2 at the same time moving to different virtual hardware, and we are having some issues with LDAP accounts.
As in the past, our account names are sometimes all uppercase, or all lowercase – but no one uses uppercase to login to anything. The work around has been to use:
omero.security.password_provider=chainedPasswordProvider431
and create user names with lowercase and use the omero command line/python script to set the ldap dn. It doesn’t seem that this option is available any more (api docs say it is deprecated).
When I do:
bin/omero ldap list
the the users with “official" uppercase names give an error, others give the dn.
The log files give errors such as:
1714:2015-06-16 14:52:27,966 INFO [ ome.services.util.ServiceHandler] (l.Server-3) Excp: ome.conditions.ApiUsageException: Cannot find unique user DistinguishedName: found=1
Does anyone know of a solution or workaround to this problem? I found some tickets for this issue, but they didn’t seem to be resolved.
here are the LDAP settings
omero.ldap.base=DC=sgc,DC=loc
omero.ldap.config=true
omero.ldap.password=*****
omero.ldap.referral=follow
omero.ldap.urls=ldap://directory.*.****
omero.ldap.user_filter=(objectClass=person)
omero.ldap.user_mapping=omeName=sAMAccountName,firstName=givenName,lastName=sn,email=mail
omero.ldap.username=CN=*** ** ***,OU=Accounts-Infra,OU=AD Infrastructure,DC=sgc,DC=loc
Thanks
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openmicroscopy.org.uk/pipermail/ome-users/attachments/20150617/38f2fd91/attachment.html>
More information about the ome-users
mailing list