search

osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License
4.05k stars 977 forks source link

Jenkins failed to authenticate successfully using the ldap plugin #298

Open Guwenqiang opened 5 years ago

Guwenqiang commented 5 years ago

jenkins conf:

false ldap://192.168.2.4 false uid={0} cn=admin,dc=example,dc=org {AQAAABAAAAAQxdvvZz50JE0xj3GKZCYioIfGgZwV96JfIB5e729+QDM=} displayname mail false true

The error is as follows: Login Authentication: failed for user "cn=admin,dc=example,dc=org" Lookup User lookup: failed for user "cn=admin,dc=example,dc=org" LdapCallback;[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name '' LDAP Group lookup: could not verify. Please try with a user that is a member of at least one LDAP group. Lockout The user "cn=admin,dc=example,dc=org" will be unable to login with the supplied password. If this is your own account this would mean you would be locked out! Are you sure you want to save this configuration?

Information can be obtained from the command line on the jenkins server: ldapsearch -x -H ldap://192.168.2.4 -b cn=admin,dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin

extended LDIF

#

LDAPv3

base with scope subtree

filter: (objectclass=*)

requesting: ALL

#

admin, example.org

dn: cn=admin,dc=example,dc=org objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword:: e1NTSEF9enhSN3M5S2c4OGlkTkZoY21EMUpaeXdCajdURTZhSzA=

search result

search: 2 result: 0 Success

numResponses: 2

numEntries: 1

Please tell me where is the problem?

obourdon commented 5 years ago

@Guwenqiang which version of osixia/openldap are you using ? could you please try with hotpatch-1.2.4 and see if problem still occurs ? Many thanks

Guwenqiang commented 5 years ago

The version I am currently using is 1.2.3, gitlab can be accessed, jenkins verification fails, I will try 1.2.4 later, I am asking questions. Thank you

obourdon commented 5 years ago

@Guwenqiang the problem is that 1.2.3 has introduced some regressions whenever people use some environment variables and mounted volumes: see Issue #252 and all the one liked to it

obourdon commented 5 years ago

@Guwenqiang please note that 1.2.4 has now been officially released

Guwenqiang commented 5 years ago

Hello, there are two more questions, please help answer:

  1. How do I obtain the ciphertext string encrypted by the ssha of the user (such as admin) account? I don't want to configure gitlab in plain text.
  2. How do I add an account to provide a query? Can I only add related configuration after entering the container?