Can not bind via users after building from src #19
Comments
Hello there,First and foremost, thank you very much for creating this bridge.I git cloned the src code and built it via "ant dist".Moved the newly built binary into a different folder and then started it like this:sudo bash $ADS_HOME/bin/apacheds.sh startWas able to change the password from admin to something else.Seems as if the anonymous bind - admin bind works but not user bind.e.g. ldapsearch -H ldap://localhost:10389 -D "uid=admin,ou=system" -x -w password -b "dc=iam,dc=aws,dc=org" "(cn=jdoe)"returns a list of entriesbut trying it like this:ldapsearch -x -D "uid=jdoe,ou=users,dc=iam,dc=aws,dc=org" -W -H ldap://localhost:10389/ -b "ou=users,dc=iam,dc=aws,dc=org" -s sub 'uid=jdoe'Enter LDAP Password: |
|
Thanks for the quick response! I tried your ldapsearch command with my username and password and received the same error that I posted. Here's the output from the application.log: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. The Canonical String for this request should have been host:iam.amazonaws.com host;user-agent;x-amz-date The String-to-Sign should have been xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' (Service: AmazonIdentityManagement; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) |
|
Hi James, Thanks for the quick response!I tried your ldapsearch command with my username and password and received the same error that I posted. Here's the output from the application.log:The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.The Canonical String for this request should have been — |
|
Hi Denis, Under the scripts folder, what is the command to run packer against the packer_ami.json file? Is this where users need to setup / provision the bridge? Also, what is the validator = iam_password? Is this the default password? Thanks again, James |
|
Packer is just if you want to create your own AMI. You use apacheds.sh to actually run the server. Hi Denis,Under the scripts folder, what is the command to run packer against the packer_ami.json file? Is this where users need to setup / provision the bridge? Thanks again,James — |
Hello there,
First and foremost, thank you very much for creating this bridge.
I git cloned the src code and built it via "ant dist".
Moved the newly built binary into a different folder and then started it like this:
sudo bash $ADS_HOME/bin/apacheds.sh start
Was able to change the password from admin to something else.
Seems as if the anonymous bind alongwith admin bind works but not user bind.
e.g.
ldapsearch -H ldap://localhost:10389 -D "uid=admin,ou=system" -x -w password -b "dc=iam,dc=aws,dc=org" "(cn=jdoe)"
returns a list of entries
but
trying it like this:
ldapsearch -x -D "uid=jdoe,ou=users,dc=iam,dc=aws,dc=org" -W -H ldap://localhost:10389/ -b "ou=users,dc=iam,dc=aws,dc=org" -s sub 'uid=jdoe'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
additional info: INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user uid=jdoe,ou=users,dc=iam,dc=aws,dc=org
Is there a configuration setting or a change in the source code which allows user binds when building apacheds with your iam / aws integration code?
The text was updated successfully, but these errors were encountered: