search

theforeman / smart_proxy_realm_ad_plugin

foreman-proxy realm plugin for Active Directory
GNU General Public License v3.0
9 stars 10 forks source link

More documentation and a getting started guide #18

Closed martencassel closed 3 weeks ago

martencassel commented 5 years ago

We need a guide and some more documentation that shows on how to setup this plugin.

JensMKofoed commented 5 years ago

I have some problems setting this plugin up. I'm trying to install and configure it on an offline system. So the "bundle install" command is not working since it tries to contact to the internet. I downloaded the git and transferred it to the offline system. When trying to make a build several .h modules where missing. Found several CentOs development packages was not installed. Made a succesful build in the end and run the gem install. Added a realm_ad.yml to the Foreman-proxy. Restarting the foreman-proxy, but keep getting errors on the Realm plugin because foreman can't find the realm_ad smart proxy.

Can you please give some more advice on how to install the smart proxy? Which file there needs to be and where? regards Jens

martencassel commented 5 years ago

Which operating system version are you using ?

JensMKofoed commented 5 years ago

I’m using CentOS 7 and has installed foreman 1.20 with Katello 3.10

martencassel commented 5 years ago

Could you share us some logs ?

JensMKofoed commented 5 years ago

Unfortunately I'm not allowed to extract files from our offline system. I started with a CentOS 7. And installed Foreman 1.20 with the katello scenario. I downloaded the Git files from here and tried to build it. I order to do that, I also had to download the files from https://github.com/martencassel/radcli and build that first. I also had to install krb5-devel, openldap-devel, radcli-devel and gcc from centos. After building radcli i could do a "gem install radcli" Next I made a gem build smart_proxy_realm_ad_plugin.gemspec and then install smart_proxy_realm_ad_plugin-0.1.gem. I edited the /etc/foreman-proxy/settings.d/realm.yml file and created a realm_ad.yml file in /etc/foreman-proxy/settings.d folder. When I restart the foreman-proxy service, the only log information I can find is in the /var/log/foreman-proxy/proxy.log and it says: 2019-04-11T07:06:50 [E] Disabling all modules in the group ['realm']: following providers are not available ['realm_ad']

I have grep for realm_ad and realm many places to see if I could find more log messages, but no results. If I look at the realm_freeipa, I can see it is installed in under /usr/share/foreman-proxy/ locate realm_freeipa gives me this: /etc/foreman-proxy/settings.d/realm_freeipa.yml /usr/share/foreman-installer/modules/foreman_proxy/templates/realm_freeipa.yml.erb /usr/share/foreman-proxy/bundler.d/realm_freeipa.rd /usr/share/foreman-proxy/modules/realm_freeipa /usr/share/foreman-proxy/modules/realm_freeipa/configuration_loader.rd /usr/share/foreman-proxy/modules/realm_freeipa/ipa_config_parser.rd /usr/share/foreman-proxy/modules/realm_freeipa/provider.rd /usr/share/foreman-proxy/modules/realm_freeipa/realm_freeipa.rd /usr/share/foreman-proxy/modules/realm_freeipa/realm_freeipa_plugin.rd

If I do the same with realm_ad the only file which is within foreman is the /etc/foreman-proxy/settings.d/realm.yml The other files are all under /usr/local/share/gems/docs/smart_proxy_realm_ad_plugin-0.1 or /usr/local/share/gems/gems/smart_proxy_realm_ad_plugin-0.1

Where should the files be so foreman-proxy can find it? I have tried to copy files from /usr/local/share/gems/gems/smart_proxy_realm_ad_plugin-0.1/lib into the /usr/share/foreman-proxy/modules/ so it looks like the realm_freeipa but i didn't help

JensMKofoed commented 5 years ago

After copying files from /usr/local/share/gems/gems/smart_proxy_realm_ad_plugin-0.1/lib into the /usr/share/foreman-proxy/modules/ and made some change to the files. Foreman-proxy now starts up and are loading realm and realm_ad and there er no error messages in the log. But I'm not able to find the realm_ad within foreman web gui. In foreman web gui, under Infrastructure - Realm there are no provider listed in Realm Proxy when Realm Type are set to Active Directory

martencassel commented 5 years ago

More info are here https://github.com/martencassel/realmad-docs

I think you have to load this:

gem 'smart_proxy_realm_ad_plugin'
``

and place it in the following path

/usr/share/foreman-proxy/bundler.d/Gemfile.local.rb

This path is refered to as ~foreman-proxy/bundler.d in the Smart-Proxy plugin guide.

Here is the details

```bash
[root@ip-172-31-0-200 bundler.d]# find / -name bundler.d
/usr/share/foreman/bundler.d
/usr/share/foreman-proxy/bundler.d
/usr/share/foreman-proxy/modules/realm_ad/bundler.d
/usr/local/share/gems/gems/smart_proxy_realm_ad_plugin-0.1/bundler.d
[root@ip-172-31-0-200 bundler.d]# pwd
/usr/share/foreman-proxy/bundler.d
[root@ip-172-31-0-200 bundler.d]# cat 
bmc.rb                          Gemfile.local.rb                libvirt.rb                      puppet.rb
dhcp_isc.rb                     krb5.rb                         puppetca_token_whitelisting.rb  realm_freeipa.rb
[root@ip-172-31-0-200 bundler.d]# cat Gemfile.local.rb 
gem 'smart_proxy_realm_ad_plugin'
[root@ip-172-31-0-200 bundler.d]# cat ^C
[root@ip-172-31-0-200 bundler.d]# service foreman-proxy restart
Redirecting to /bin/systemctl restart foreman-proxy.service
[root@ip-172-31-0-200 bundler.d]#
martencassel commented 3 weeks ago

https://github.com/theforeman/smart_proxy_realm_ad_plugin/pull/31/commits

martencassel commented 3 weeks ago

In this PR we have a complete instruction on how to setup this plugin from source.