apache
[Doc][Module Name] ldap missing OU configuration
Search before asking
- [X] I had searched in the issues and found no similar feature requirement.
Description
By checking the Official Documentation Api-server Configuration ,we know the following LDAP configuration items, as shown in the figure below:
Is the User search base path missing, the startup from the officially documented configuration reports an error and can't find any users.
Documentation Links
No response
Are you willing to submit a PR?
- [ ] Yes I am willing to submit a PR!
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
@ruanwenjun Sorry, it was a misconfiguration on my part before.After modifying the configuration, my ldap user was able to log in to dolphinscheduler. but my admin account admin was never able to log in, I tried the ldap admin user password as well as the local password.
The ldap configuration is as follows:
security:
authentication:
# Authentication types (supported types: PASSWORD,LDAP,CASDOOR_SSO)
type: LDAP
# IF you set type `LDAP`, below config will be effective
ldap:
# ldap server config
urls: ldap://192.168.246.8:389/
base-dn: dc=alphalawyer,dc=cn
username: cn=admin,dc=alphalawyer,dc=cn
password: xxxxxx
user:
# admin userId when you use LDAP login
admin: admin
identity-attribute: uid
email-attribute: mail
# action when ldap user is not exist (supported types: CREATE,DENY)
not-exist-action: CREATE
ssl:
enable: false
# jks file absolute path && password
trust-store: "/ldapkeystore.jks"
trust-store-password: "password"
The logs are shown below:
$ tail -f api-server/logs/dolphinscheduler-api.log
[ERROR] 2024-05-27 10:14:49.625 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:15:08.373 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:15:15.386 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[INFO] 2024-05-27 10:15:42.157 +0800 o.a.d.a.s.i.AbstractAuthenticator:[101] - Session is created, userName:yangsheng.
[ERROR] 2024-05-27 10:17:44.941 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:17:46.543 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:17:46.754 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:17:53.689 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:18:19.908 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
[ERROR] 2024-05-27 10:18:43.585 +0800 o.a.d.a.s.i.AbstractAuthenticator:[78] - Username or password entered incorrectly.
My ldap user yangsheng is able to log in, but it doesn't have admin rights. I want to have an admin user to manage it, but I realized that I can't log in with the admin account now, how can I troubleshoot this?
You may need to check if your admin username/password is correct in ldap, or you need to debug at LdapService, this class also need to add more debug log.
This issue has been automatically marked as stale because it has not had recent activity for 30 days. It will be closed in next 7 days if no further activity occurs.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue has been automatically marked as stale because it has not had recent activity for 30 days. It will be closed in next 7 days if no further activity occurs.
This issue has been closed because it has not received response for too long time. You could reopen it if you encountered similar problems in the future.