Open tamoorahmedntu opened 10 months ago
@tamoorahmedntu this is the exception you get when you have no ldap configured. It looks like you have an ommision in your ldap configured in cloudstack. Please check the values for
"ldap.basedn"
"ldap.bind.principal"
"ldap.group.object"
"ldap.nested.groups.enable"
"ldap.provider"
"ldap.read.timeout"
"ldap.request.page.size"
"ldap.search.group.principle"
"ldap.user.object"
"user.authenticators.order"
and list your ldap configurations?
Hello, Thank you for this helpful information, please see below; This is the Config: Is this what you require or do you have an API which I can use
@tamoorahmedntu the ldap configuration you have configured is domain specific. If you add a configuration without domain, the search command should work.
NOTE the searchLdap API is only meant for manual import not for autoimport or autosync configurations.
@tamoorahmedntu the ldap configuration you have configured is domain specific. If you add a configuration without domain, the search command should work.
NOTE the searchLdap API is only meant for manual import not for autoimport or autosync configurations.
I'm really sorry but are you talking about the top pic or bottom ?
text would be easier ;) I am talking about the picture describing the ldap configurations , the top one.
that said, I will have to trust the basedn and bind principal as I cannot read those in the bottom picture. The error indicates nothing about that however. The global settings are global and only used as defaults for a domain as configured in the ldapconfiguration.
Unfortunately that still does not work maybe I'm doing something wrong. Configuration > LDAP configuration
host = my server name port = my port Domain = left alone
Is this correct?
yes that is correct. Does it give the same error?
yes that is correct. Does it give the same error?
yes
2024-01-03 09:49:39,411 DEBUG [o.a.c.l.LdapManagerImpl] (qtp989447607-19:ctx-541c510b ctx-e0ab4db8) (logid:a0cf2671) ldap Exception: javax.naming.ConfigurationException: java.naming.provider.url property does not contain a URL at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:110) at java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:730) at java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305) at java.naming/javax.naming.InitialContext.init(InitialContext.java:236) at java.naming/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) at org.apache.cloudstack.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:62) at org.apache.cloudstack.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:51) at org.apache.cloudstack.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:45) at org.apache.cloudstack.ldap.LdapManagerImpl.searchUsers(LdapManagerImpl.java:359) at org.apache.cloudstack.api.command.LdapUserSearchCmd.execute(LdapUserSearchCmd.java:76) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:163) at com.cloud.api.ApiServer.queueCommand(ApiServer.java:782) at com.cloud.api.ApiServer.handleRequest(ApiServer.java:603) at com.cloud.api.ApiServlet.processRequestInContext(ApiServlet.java:347) at com.cloud.api.ApiServlet$1.run(ApiServlet.java:154) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:55) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:102) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:52) at com.cloud.api.ApiServlet.processRequest(ApiServlet.java:151) at com.cloud.api.ApiServlet.doGet(ApiServlet.java:105) at javax.servlet.http.HttpServlet.service(HttpServlet.java:645) at javax.servlet.http.HttpServlet.service(HttpServlet.java:750) at org.eclipse.jetty.servlet.ServletHolder$NotAsync.service(ServletHolder.java:1450) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:554) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:505) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:772) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang.Thread.run(Thread.java:829) 2024-01-03 09:49:39,412 DEBUG [o.a.c.a.c.LdapUserSearchCmd] (qtp989447607-19:ctx-541c510b ctx-e0ab4db8) (logid:a0cf2671) No users matching: username
ok that will require some debugging than. No idea what else could be wrong.
can you import users?
can you import users?
to make sure I do it properly, could you confirm how to do this
i would use importLdapUsers
yes, and also you can use the UI to import users, It would show available users from ldap if the configuration is correct.
yes, and also you can use the UI to import users, It would show available users from ldap if the configuration is correct.
i get the same error when doing through API but i don't see ldap button which should appear (to my knowledge )
It might be interesting to add this to 4.18.2
@JoaoJandre I am not sure if this is a bug or environmental yet. If it is a bug sure.
@tamoorahmedntu , I tried to reproduce using https://www.forumsys.com/2022/05/10/online-ldap-test-server/ as the ldapserver. my configuration seems to work:
my ldap configuration:
and connection:
The only thing I can think of next is that you don't use a standard port (3268) and cloudstack cannt handle that. Can you test with ports 389 and 636 to see if those work, please?
@tamoorahmedntu do you have any progress / furhter information?
Sorry for late reply. Unfortunately I can't Change port of Ldap, I was looking into other ways.
From: dahn @.> Sent: Friday, June 21, 2024 12:47:46 pm To: apache/cloudstack @.> Cc: Ahmed, Tamoor @.>; Mention @.> Subject: Re: [apache/cloudstack] LDAP API Error "does not contain a URL" java.naming.provider.url property does not contain a URL (Issue #8336)
@tamoorahmedntuhttps://github.com/tamoorahmedntu do you have any progress / furhter information?
— Reply to this email directly, view it on GitHubhttps://github.com/apache/cloudstack/issues/8336#issuecomment-2182598561, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ANH2J2UXHRVXJAAKA5UNF4DZIQHF5AVCNFSM6AAAAABJIIH4LWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOBSGU4TQNJWGE. You are receiving this because you were mentioned.Message ID: @.***>
DISCLAIMER: This email is intended solely for the addressee. It may contain private and confidential information. If you are not the intended addressee, please take no action based on it nor show a copy to anyone. In this case, please reply to this email to highlight the error. Opinions and information in this email that do not relate to the official business of Nottingham Trent University shall be understood as neither given nor endorsed by the University. Nottingham Trent University has taken steps to ensure that this email and any attachments are virus-free, but we do advise that the recipient should check that the email and its attachments are actually virus free. This is in keeping with good computing practice.
@tamoorahmedntu you could run a test server against your LDAP and against https://www.forumsys.com/2022/05/10/online-ldap-test-server/ and see if there is a difference in results?
ISSUE TYPE
COMPONENT NAME
CLOUDSTACK VERSION
CONFIGURATION
Advanced networking, LDAP integration
OS / ENVIRONMENT
Ubuntu 22
SUMMARY
running code under API get error message
STEPS TO REPRODUCE
Add LDAP information
Global Settings > Access > LDAP ( Using Microsoft AD )
Global Settings > LDAP configuration
Run command for API
EXPECTED RESULTS
return search query information
ACTUAL RESULTS