CactuseSecurity / firewall-orchestrator

Network Security data repository for automation, reporting and compliance of firewall rules
https://fwo.cactus.de
Apache License 2.0

ldap: audit user not working #766

Closed tpurschke closed 3 years ago

tpurschke commented 3 years ago

When running `ansible-playbook -i inventory/ site.yml -e "audit_user=aua testkeys=yes installation_mode=new" -K`, the user is not visible in uiuser settings view and login fails as well. Issue with uid vs cn? All other users are defined with uid=

Maybe an issue with jinja2 syntax (missing "-")?

```
dn: cn=auditor,ou=role,{{ openldap_path }}
{% if ldif_changetype != 'delete' -%}
changetype: {{ ldif_changetype }}
objectClass: top
objectClass: groupofuniquenames
cn: auditor
uniqueMember:
{% if audit_user is defined %}
uniqueMember: cn={{ audit_user }},ou=systemuser,ou=user,{{ openldap_path }}
{% endif %}
description: users that can view all data & settings (in the UI) but cannot make any changes
{%- endif %}
```

alf-cactus commented 3 years ago

Could you execute in shell: `sudo ldapsearch -D cn=Manager,ou=systemuser,ou=user,dc=fworch,dc=internal -y /usr/local/fworch/etc/secrets/ldap_manager_pw.txt uid=aua`. This way we know whether it is a UI or LDAP issue.

alf-cactus commented 3 years ago

Oh, I just realized that this issue is closed. Ignore if not important anymore.
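
Added example, not part of the thread or the project's code: the first comment asks whether the group member DN (`cn=`) matches how users are defined (`uid=`), and the template also emits a bare `uniqueMember:` line. This Python check flags both conditions in rendered LDIF before it is loaded; the sample LDIF and the `uid=aua` user entry are constructed assumptions, and base64 values and folded lines are not handled.

```python
# Added example: lint rendered LDIF for group members that are empty or dangling.
# SAMPLE_LDIF is constructed for illustration; it is not output from the project.
SAMPLE_LDIF = """\
dn: uid=aua,ou=systemuser,ou=user,dc=fworch,dc=internal
objectClass: inetOrgPerson
uid: aua

dn: cn=auditor,ou=role,dc=fworch,dc=internal
objectClass: groupofuniquenames
cn: auditor
uniqueMember:
uniqueMember: cn=aua,ou=systemuser,ou=user,dc=fworch,dc=internal
"""

def normalize_dn(dn):
    """Lower-case and strip spaces around RDN separators for comparison."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Yield one list of (attribute, value) pairs per blank-line-separated record."""
    for block in text.strip().split("\n\n"):
        pairs = []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            pairs.append((attr.strip().lower(), value.strip()))
        if pairs:
            yield pairs

def find_member_problems(text):
    """Return (group_dn, member, reason) for each empty or dangling uniqueMember."""
    records = list(parse_ldif(text))
    known = {normalize_dn(v) for rec in records for a, v in rec if a == "dn"}
    problems = []
    for rec in records:
        group_dn = next((v for a, v in rec if a == "dn"), "")
        for attr, value in rec:
            if attr != "uniquemember":
                continue
            if not value:
                problems.append((group_dn, value, "empty value"))
            elif normalize_dn(value) not in known:
                problems.append((group_dn, value, "no entry with this DN"))
    return problems

if __name__ == "__main__":
    for group, member, reason in find_member_problems(SAMPLE_LDIF):
        print(f"{group}: uniqueMember '{member}': {reason}")
```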