[rabbitmq-discuss] RabbitMQ 3.1.0 LDAP plugin help

chads.finishing.strong chads.finishing.strong at gmail.com
Thu May 9 13:39:01 BST 2013

Tested on Fedora 17 and 18 (x86_64)

dev$ rabbitmqctl environment

Application environment of node 'rabbit at dev-1' ...
 {error_logger,{file,"/var/log/rabbitmq/rabbit at dev-1.log"}},
 {plugins_expand_dir,"/var/lib/rabbitmq/mnesia/rabbit at dev-1-plugins-expand
 {sasl_error_logger,{file,"/var/log/rabbitmq/rabbit at dev-1-sasl.log"}},

dev$ cat rabbitmq.config

   {rabbit, [

      {tcp_listeners, [{"", 5672}]},

      {log_levels, [{connection, info}]},

      {collect_statistics_interval, 10000},

      {auth_backends, [
         rabbit_auth_backend_ldap, rabbit_auth_backend_internal

      {rabbitmq_auth_backend_ldap, [

         {servers,    ["ldap.example.com"]},
         {other_bind, {"example\\\ptdldap", "mypasswd"}},
         {dn_lookup_attribute, "sAMAccountName"},
         {dn_lookup_base, "DC=example,DC=com"},
         {use_ssl, false},
         {port, 389},
         {log, true},
         {vhost_access_query,    {constant, true}},
         {resource_access_query, {constant, true}},
         {tag_queries, [
            {administrator, {constant, true}},
            {management,    {constant, true}},
            {monitoring,    {constant, true}}



   {rabbitmq_management, [{listener, [{port, 9012}]}]},

   {rabbitmq_management_agent, [{force_fine_statistics, true}]}


I wouldn't put money on my dn_lookup_* or user_dn_pattern settings; I'm
reaching, trying to get this to work.

As far as the logs, **"nothing"** shows up; failed or otherwise.

dev$ cat *

=INFO REPORT==== 9-May-2013::07:35:23 ===
Starting RabbitMQ 3.1.0 on Erlang R15B03
Copyright (C) 2007-2013 VMware, Inc.
Licensed under the MPL.  See http://www.rabbitmq.com/

=INFO REPORT==== 9-May-2013::07:35:23 ===
node           : rabbit at dev-1
home dir       : /var/lib/rabbitmq
cookie hash    : eGWdsIswL6rcJkTG9w+ZDQ==
log            : /var/log/rabbitmq/rabbit at dev-1.log
sasl log       : /var/log/rabbitmq/rabbit at dev-1-sasl.log
database dir   : /var/lib/rabbitmq/mnesia/rabbit at dev-1

=INFO REPORT==== 9-May-2013::07:35:24 ===
Limiting to approx 924 file handles (829 sockets)

=INFO REPORT==== 9-May-2013::07:35:24 ===
Memory limit set to 1582MB of 3955MB total.

=INFO REPORT==== 9-May-2013::07:35:24 ===
Disk free limit set to 1000MB

=INFO REPORT==== 9-May-2013::07:35:24 ===
msg_store_transient: using rabbit_msg_store_ets_index to provide index

=INFO REPORT==== 9-May-2013::07:35:24 ===
msg_store_persistent: using rabbit_msg_store_ets_index to provide index

=INFO REPORT==== 9-May-2013::07:35:24 ===
started TCP Listener on

=INFO REPORT==== 9-May-2013::07:35:24 ===
Management plugin started. Port: 8012

=INFO REPORT==== 9-May-2013::07:35:24 ===
Statistics database started.

=INFO REPORT==== 9-May-2013::07:35:24 ===
Server startup complete; 8 plugins started.
 * amqp_client
 * eldap
 * mochiweb
 * rabbitmq_auth_backend_ldap
 * rabbitmq_management
 * rabbitmq_management_agent
 * rabbitmq_web_dispatch
 * webmachine

              RabbitMQ 3.1.0. Copyright (C) 2007-2013 VMware, Inc.
  ##  ##      Licensed under the MPL.  See http://www.rabbitmq.com/
  ##  ##
  ##########  Logs: /var/log/rabbitmq/rabbit at dev-1.log
  ######  ##        /var/log/rabbitmq/rabbit at dev-1-sasl.log
              Starting broker... completed with 8 plugins.

On Thu, May 9, 2013 at 4:58 AM, Simon MacMullen <simon at rabbitmq.com> wrote:

> On 08/05/13 17:40, chads.finishing.strong wrote:
>> Simon, I did get your response; thanks. The rabbitmq.config portion I
>> listed, is under
>> rabbitmq_auth_backend_ldap. The ldap plugin is enabled and loaded. A
>> tcpdump shows that
>> it is indeed communicating with the ldap server.
>> The issues are
>> (1) the plugin is not logging debug info; neither {log, true} or {log,
>> network} work
>> (2) I'm unable to authenticate via ldap
> Hmm.
> The log config item definitely works. What does "rabbitmqctl environment"
> say?
> When you say "I'm unable to authenticate via ldap", what *does* show up in
> then logs?
> Can you post your complete config?
> Cheers, Simon
> --
> Simon MacMullen
> RabbitMQ, Pivotal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130509/1f3c1e82/attachment.htm>

More information about the rabbitmq-discuss mailing list