OpenSOC / opensoc-ui

User interface for OpenSOC
Apache License 2.0

LDAP commands do not execute in CentOS 6.6 #16

Open obaidskhan opened 9 years ago

obaidskhan commented 9 years ago

Hi, I have CentOS 6.6 x64 installed on my VM and have set up everything with yum. I am currently experiencing a problem with LDAP.

Please find details.

    [root@opensoc ~]# more /etc/redhat-release
    CentOS release 6.6 (Final)
    [root@opensoc ~]# rpm -qa | grep ldap
    compat-openldap-2.3.43-2.el6.x86_64
    openldap-2.4.39-8.el6.x86_64
    phpldapadmin-1.2.3-1.el6.noarch
    openldap-servers-2.4.39-8.el6.x86_64
    python-ldap-2.3.10-1.el6.x86_64
    sssd-ldap-1.11.6-30.el6.x86_64
    openldap-devel-2.4.39-8.el6.x86_64
    openldap-clients-2.4.39-8.el6.x86_64
    apr-util-ldap-1.3.9-3.el6_0.1.x86_64
    php-ldap-5.3.3-40.el6_6.x86_64
    [root@opensoc ~]#

I have the following directory structure set up in my VM.

    [root@opensoc ~]# cd /opt/opensoc
    [root@opensoc opensoc]# ls -ltr
    total 140
    -rw-r--r-- 1 root root 4747 Nov 14 03:10 Vagrantfile
    drwxr-xr-x 2 root root 4096 Nov 14 03:10 test
    drwxr-xr-x 4 root root 4096 Nov 14 03:10 seed
    -rw-r--r-- 1 root root 3226 Nov 14 03:10 README.md
    -rw-r--r-- 1 root root 1536 Nov 14 03:10 package.json
    -rw-r--r-- 1 root root 613 Nov 14 03:10 Makefile
    drwxr-xr-x 4 root root 4096 Nov 14 03:10 lib
    drwxr-xr-x 2 root root 4096 Nov 14 03:10 kibana
    -rw-r--r-- 1 root root 497 Nov 14 03:10 index.js
    -rw-r--r-- 1 root root 739 Nov 14 03:10 Gruntfile.js
    drwxr-xr-x 4 root root 4096 Nov 14 03:10 examples
    drwxr-xr-x 2 root root 4096 Nov 14 03:10 doc
    -rw-r--r-- 1 root root 425 Nov 14 03:10 bower.json
    -rw-r--r-- 1 root root 1151 Nov 26 00:02 readme.md
    -rw-r--r-- 1 root root 3412 Nov 26 00:02 pom.xml.versionsBackup
    -rw-r--r-- 1 root root 4134 Nov 26 00:02 pom.xml
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Topologies
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-PlatformScripts
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Pcap_Service
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-MessageParsers
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Indexing
    drwxr-xr-x 2 root root 4096 Nov 26 00:02 OpenSOC-FlumeConfigs
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-EnrichmentAdapters
    drwxr-xr-x 4 root root 4096 Nov 26 00:02 OpenSOC-DataServices
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-DataLoads
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Common
    drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Alerts
    -rw-r--r-- 1 root root 11324 Nov 26 00:02 LICENSE
    drwxr-xr-x 2 root root 4096 Dec 2 00:53 script
    -rw-r--r-- 1 root root 494 Dec 2 01:19 config.json
    drwxr-xr-x 29 root root 4096 Dec 2 01:20 node_modules
    [root@opensoc opensoc]#

I have used the following commands for LDAP authentication.

    slappasswd -T /opt/opensoc/seed/slapd.seed
    cd /opt/opensoc/seed/ldap
    ldapmodify -Y EXTERNAL -H ldapi:/// -f logging.ldif
    ldapmodify -Y EXTERNAL -H ldapi:/// -f config.ldif
    ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_add.ldif
    ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_config.ldif

It gives an error message and won't allow me to log in to the UI.

    [root@opensoc ldap]# slappasswd -T /opt/opensoc/seed/slapd.seed
    Warning: Password file /opt/opensoc/seed/slapd.seed is publicly readable/writeable
    {SSHA}AX0iR4MF8ZN1dwuByCzOrmfAzBmeZmtP
    [root@opensoc ldap]# ldapmodify -Y EXTERNAL -H ldapi:/// -f logging.ldif
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    modifying entry "cn=config"
    ldap_modify: Type or value exists (20)
            additional info: modify/add: olcLogLevel: value #0 already exists

    [root@opensoc ldap]# ldapmodify -Y EXTERNAL -H ldapi:/// -f config.ldif
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    modifying entry "cn=config"

    modifying entry "olcDatabase={0}config,cn=config"
    ldap_modify: Constraint violation (19)
            additional info: attribute 'olcRootDN' cannot have multiple values

    [root@opensoc ldap]# ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_add.ldif
    ldap_bind: Invalid credentials (49)
    [root@opensoc ldap]# ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_config.ldif
    ldap_bind: Invalid credentials (49)
    [root@opensoc ldap]#

I am not setting up the OpenSOC development environment. Can someone tell me how to fix this issue?

The above commands are copied from /script/provision, and I have changed the directory path in the LDAP script and set up accordingly.

P.S.: I have all the prerequisites required for OpenSOC, such as Kafka, Elasticsearch, Hive, HBase, and MySQL server.

golden3 commented 9 years ago

http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/
http://linuxserverathome.com/articles/installing-and-configuring-openldap-2423-centos-63
http://www.youtube.com/watch?v=0WJuPkJEX-U
http://www.overclockers.com/forums/showthread.php?t=707070
http://huinn.wordpress.com/2012/01/01/centos-6-2-ldap-with-tls-quick-dirty/
http://wiki.openiam.com/pages/viewpage.action?pageId=7635198

Refer to the above URLs for installing OpenLDAP on CentOS 6.6, and let me know. I'm also trying to install it in the same scenario.