Hello!
I have a few questions about LDAP plugin...
1. the plugin don't include all necessary software for work (i shuld install sssd for example)
2. main part of configuration I shoild do not in web interface (I shuld do it in cli)
Am I right?
Hello!
I have a few questions about LDAP plugin...
1. the plugin don't include all necessary software for work (i shuld install sssd for example)
2. main part of configuration I shoild do not in web interface (I shuld do it in cli)
Am I right?
the plugin don't include all necessary software for work (i shuld install sssd for example)
sssd can be more than ldap and is just another option. So, it depends on what you are connecting to.
main part of configuration I shoild do not in web interface (I shuld do it in cli)
that also depends. If you are just trying to make your OMV system an ldap client, you shouldn't need to use the CLI.
Right now I only need ldap client.
And I can't do this.
I use openldap. I check it:
buranov@buranov-ThinkPad-T460:~$ ldapsearch -h ldap.buranov.org -p 389 -D cn=test,ou=omv,dc=buranov,dc=org -w test -b "ou=omv,dc=buranov,dc=org"
# extended LDIF
#
# LDAPv3
# base <ou=omv,dc=buranov,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# omv, buranov.org
dn: ou=omv,dc=buranov,dc=org
objectClass: organizationalUnit
objectClass: top
ou: omv
# test, omv, buranov.org
dn: cn=test,ou=omv,dc=buranov,dc=org
cn: test
givenName: test
gidNumber: 502
sn: test
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0=
uidNumber: 1000
homeDirectory: /home/users/test
uid: test
# omv_ro, omv, buranov.org
dn: cn=omv_ro,ou=omv,dc=buranov,dc=org
gidNumber: 502
cn: omv_ro
objectClass: posixGroup
objectClass: top
# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3
buranov@buranov-ThinkPad-T460:~$
And I can't see this user and group in OMV.
OMV has a user and group ID minimum of 1000 to show up in the web interface. Try adding your test user to a group with a gid of 1000 or more.
And this is my settings in OMV
OMV has a user and group ID minimum of 1000. Try adding your test user to a group with a gid of 1000 or more.
OK. I'll try.
No. Result the same...
I can't see user in "User" in OMV
Sorry, I don't have an LDAP server setup to test this.
Sorry, I don't have an LDAP server setup to test this.
OK.
I tryed it in omv3... And I got the same result.
root@omv3:~# ldapsearch -h ldap.buranov.org -D cn=test,ou=omv,dc=buranov,dc=org -w test -b "ou=omv,dc=buranov,dc=org"
# extended LDIF
#
# LDAPv3
# base <ou=omv,dc=buranov,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# omv, buranov.org
dn: ou=omv,dc=buranov,dc=org
objectClass: organizationalUnit
objectClass: top
ou: omv
# test, omv, buranov.org
dn: cn=test,ou=omv,dc=buranov,dc=org
cn: test
givenName: test
gidNumber: 1100
homeDirectory: /home/users/test
sn: test
loginShell: /bin/bash
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword:: e01ENX1DWTlyelVZaDAzUEszazZESmllMDlnPT0=
uid: test
uidNumber: 1100
# omv_ro, omv, buranov.org
dn: cn=omv_ro,ou=omv,dc=buranov,dc=org
cn: omv_ro
objectClass: posixGroup
objectClass: top
gidNumber: 1100
# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3
root@omv3:~#
In /var/log/auth.log no any errors about ldap.
Does anybody use ldap in omv?
Any ideas?
I use active directory (2012r2) so this is general advise. Does it work on another not omv debian install? If yes try to see what is different between them. Did you join the domain? Do you see domain users or groups with getent? getent passwd getent group
I gave up on the plugin years ago but I think it should work for openldap. There were a few good threads in the old bug tracker. Unfortunately progress ate it. sssd and realmd are more modern ways of doing this task. They detect things and take lots of the guess work out of it. Google has lots of howto articles.
Here is how I do it on windows. You might get a hint reading it.
https://forum.openmediavault.o…-Active-Directory-Sumary/
Good luck
OK.
Thank you!
Good luck
Done!
Stupid mistake...
User suffix and Group suffix was wrong.
Now I see groups and users from LDAP.
Glad you got it working. If you have time please write up a howto for others benefit.
Thanks
If you have time please write up a howto for others benefit.
I can write short manual for ldap config...
I'll post it here.
OK?
I'll post it here.
OK?
Sounds good to me
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!