hlavki / g-suite-identity-sync

G Suite to LDAP identity synchronizer
Apache License 2.0

Add support to use Common Name (CN) as DN attribute for user entry #53

Closed hlavki closed 4 years ago

hlavki commented 4 years ago

According to issue #10 add support to set CN as user dn attribute.

hlavki commented 4 years ago

@dimasdjs, @rsaple, I don't know if I understand your problem. I created a patch that creates a user entry with the DN cn=Michal Hlaváč,ou=people,dc=hlavki,dc=eu like this:

| Attr | Value |
|---|---|
| objectClass | inetOrgPerson (structural) |
| uid | miso@hlavki.eu |
| cn | Michal Hlaváč |
| sn | Hlaváč |
| employeeNumber | 10071526xxxxxxx636 |
| employeeType | INTERNAL |
| givenName | Michal |
| mail | miso@hlavki.eu |

Is that what you need?

dimasdjs commented 4 years ago

Thank you for your response, sir. Sorry for my late response @hlavki. cn=Michal Hlaváč,ou=people,dc=hlavki,dc=eu, this is the format I need, sir, without uid, because Samba Active Directory doesn't support uid.

hlavki commented 4 years ago

Thanks @dimasdjs, but does Samba support the uid attribute?

dimasdjs commented 4 years ago

No sir, I've tried a couple of times to add the uid attribute when adding a user in Samba, but it doesn't work. And then when I look at the attributes of a user created in Samba, there is no uid attribute, sir @hlavki.

muhx commented 4 years ago

Hi guys, related to this https://wiki.samba.org/index.php/Samba_&_LDAP I suggest using LDAP_USER_ATTR_DEFAULT = "cn"; rather than "uid", but you still need to supply "uid" as a mandatory attribute.

hlavki commented 4 years ago

Thanks @lesmono, this is exactly what I needed to know. LDAP_USER_ATTR_DEFAULT remains uid because of backward compatibility, but it will be easy to configure.

hlavki commented 4 years ago

This issue should be fixed in the master branch, but I cannot test it. It would be great if anybody with Samba could test it. The Samba wiki page contains documentation on how to configure the application.

muhx commented 4 years ago

Ok, will update soon about the status of this new code update. Thanks in advance.

dimasdjs commented 4 years ago

Hello sir @hlavki,

Thank you for your update. I've tried using your updated image, but I still get the same error.

Here is my docker-compose.yml:

version: "3"

services:
  identity:
    image: hlavki/g-suite-identity-sync:0.4.7
    ports:
      - 8181:8181
      - 8101:8101
    environment:
      - LDAP_HOST=admin.example.org
      - SLAPD_BIND_DN=cn=admin,dc=example,dc=org
      - SLAPD_BASE_DN=dc=example,dc=org
      - SLAPD_PASSWORD=changeme
      - GSUITE_DOMAIN=example.org
      - GSUITE_CLIENT_ID=*******.apps.googleusercontent.com
      - GSUITE_CLIENT_SECRET=******
    volumes:
      - identity-config:/opt/karaf/etc/identity
volumes:
  identity-config:

I didn't create an LDAP image because I already had one.

And here is the screenshot of the error message:

[screenshot]

I hope it can help you sir.

Thank you before.

hlavki commented 4 years ago

@dimasdjs, did you configure the application as described here? Can you send me the output of this command?

docker-compose exec identity /opt/karaf/bin/client 'config:list "(service.pid=eu.hlavki.identity.ldap)"'

dimasdjs commented 4 years ago

@hlavki Sorry sir, I missed that wiki. I have configured it as described in your wiki; the error from before doesn't show up, but I get another error, below:

[screenshot]

Thank you sir @hlavki.

hlavki commented 4 years ago

@dimasdjs thanks for the info, but this is only a consequence of the previous error. Could you please send me the full karaf.log?

docker-compose logs identity > ~/karaf.log

thanks

hlavki commented 4 years ago

I'll try it using some samba ldap docker image

dimasdjs commented 4 years ago

Hi sir @hlavki, I checked my LDAP; the group was created but the user was not.

Here is the error from the logs

[screenshot]

I'm sorry I can't drop all the logs here, because some contain information that I can't share, sir.

Thank you in advance, sir.

hlavki commented 4 years ago

@dimasdjs what is your LDAP structure? Users are created in the ou=people,dc=domain,dc=com organizational unit. There should be some error or info in the log about why the user was not created!

dimasdjs commented 4 years ago

Hi sir @hlavki, I rechecked my LDAP: the user was created in OU=people, but my LDAP stores users in CN=Users; maybe that causes the error.

Here are the logs

logs-identity.txt

Here are the default user attributes of my LDAP: default.txt

And here are the user attributes created by identity: identity.txt

Thanks sir

hlavki commented 4 years ago

Hi, could you please run this configuration command and try it again?

docker-compose exec identity /opt/karaf/bin/client \
    'config:edit eu.hlavki.identity.ldap; config:property-set ldap.users.dnAttr cn; config:property-set ldap.users.baseDN CN=Users; config:update'

dimasdjs commented 4 years ago

Hi sir @hlavki, it works, finally, thanks in advance sir.
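To illustrate what the ldap.users.dnAttr / ldap.users.baseDN settings from the thread imply for the user DN, here is an added example (my own code, not part of g-suite-identity-sync): it composes the DN for both the default layout (uid under ou=people) and the Samba layout (cn under CN=Users), escaping the RDN value per RFC 4514 so that a display name containing ',' '+' or '\' cannot change which entry gets written. It assumes ldap.users.baseDN is appended to SLAPD_BASE_DN; the sample entry is constructed from the attribute table above.

```python
# Added example, not code from g-suite-identity-sync. Builds the user DN
# from a configurable DN attribute (uid or cn) and base DN, escaping the
# RDN value per RFC 4514. Switching dnAttr from uid (an e-mail address) to
# cn (a display name) makes escaping matter: names can contain ',' or '+'.
# Assumption: ldap.users.baseDN is appended to SLAPD_BASE_DN.

# Sample entry, constructed from the attribute table in the thread.
SAMPLE_ENTRY = {
    "objectClass": "inetOrgPerson",
    "uid": "miso@hlavki.eu",
    "cn": "Michal Hlaváč",
    "sn": "Hlaváč",
    "givenName": "Michal",
    "mail": "miso@hlavki.eu",
}

_SPECIAL = set(',+"\\<>;')  # must be escaped anywhere inside an RDN value


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use in a DN (RFC 4514 section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in _SPECIAL:
            out.append("\\" + ch)
        elif ch == "#" and i == 0:                  # '#' only when leading
            out.append("\\#")
        elif ch == " " and (i == 0 or i == last):   # leading/trailing space
            out.append("\\ ")
        else:
            out.append(ch)
    return "".join(out)


def build_user_dn(entry: dict, dn_attr: str, users_base_dn: str, base_dn: str) -> str:
    """Compose <dn_attr>=<escaped value>,<users_base_dn>,<base_dn>."""
    if not entry.get(dn_attr):
        raise ValueError(f"entry has no {dn_attr!r} value to use as the RDN")
    rdn = f"{dn_attr}={escape_rdn_value(entry[dn_attr])}"
    return ",".join([rdn, users_base_dn, base_dn])


if __name__ == "__main__":
    # Default layout versus the Samba layout configured in the thread.
    print(build_user_dn(SAMPLE_ENTRY, "uid", "ou=people", "dc=example,dc=org"))
    print(build_user_dn(SAMPLE_ENTRY, "cn", "CN=Users", "dc=example,dc=org"))
```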