[rabbitmq-discuss] Debugging AD

Ben Hood 0x6e6562 at gmail.com
Wed Nov 30 16:44:09 GMT 2011

Hi Simon,

So after spinning the underlying LDAP driver on it's own, I was able
to establish what combination of input parameters was going to work
with AD:

1> {_, C} = eldap:open([""],[]).
2> eldap:simple_bind(C,
"ben.hood at ACMEDOMAIN","DB/nUcPk?DdF<eCjp?erzpbi[g"BdJL.w;pFrT>tg at KnbCDsi").

So this boils down to putting

{user_dn_pattern,       "${username}@ACMEDOMAIN"},

into rabbitmq.config.

I now have a follow up question: is it possible to create two
different groups in LDAP and assign them different levels of
privileges within the Management frontend?

I was thinking of having a group for admins who can do anything, and a
group for people who should be able to look at statistical info, but
can't do anything that would cause any messages to get binned (such as
queue/exchange deletions, queue purges or queue binds/unbinds).



On Wed, Nov 30, 2011 at 2:40 PM, Ben Hood <0x6e6562 at gmail.com> wrote:
> Pardon my ignorance of how LDAP works, but basically I am trying to
> port a known working LDAP configuration from some Java app that
> supplies a statically defined username/password in order to submit the
> authenication (aka bind) query.

More information about the rabbitmq-discuss mailing list