<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)">I am trying to authenticate users signing in to the management plugin using Ldap. </span>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)">I am running RabbitMQ 2.8.4 as a service on Windows 7 64 bit</span><span style="background-color:rgb(255,255,255)">. </span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)">Currently my config file looks like this:</span><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
[{listeners, [{mgmt, [{port, 55672}]}]},<br>{default_listener, [{port, 55670}]},<br>{contexts, [{rabbit_mgmt, mgmt}]},<br>{log_levels, [{connection, info}]},<br>{rabbit, [{auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]}]},<br>
{<br><span style="white-space:pre-wrap"> </span>rabbitmq_auth_backend_ldap,<br><span style="white-space:pre-wrap"> </span>[ <br><span style="white-space:pre-wrap"> </span>{servers,["my-server"]},<br><span style="white-space:pre-wrap"> </span>{user_dn_pattern, "CN=${username},OU=Users,DC=mydomain,DC=com"},<br>
<span style="white-space:pre-wrap"> </span>{tag_queries, [{administrator, {constant, true}}]},<br><span style="white-space:pre-wrap"> </span>{resource_access_query, {constant, true}}, <br><span style="white-space:pre-wrap"> </span>{vhost_access_query, {constant, true}},<br>
<span style="white-space:pre-wrap"> </span>{use_ssl,false},<br><span style="white-space:pre-wrap"> </span>{port,389},<br><span style="white-space:pre-wrap"> </span>{log,true}<br><span style="white-space:pre-wrap"> </span>]<br>
}].</blockquote><div><br></div><div>This does allow the users who authenticate using ldap to sign in to the management UI, but whenever I try to edit, create, or delete queues and exchanges, it returns an error. I have tried similar operations using the cli tool and it gives the same error, but I can get it to list exchanges and queues. Logging in with the default local user "guest" works and the user can edit everything.</div>
<div><br></div><div>I am wondering if I am missing something in the config file to give users who authenticate with ldap write and configure access or if there is some other error happening.</div><div><br></div><div>This is the error returned from the management UI:</div>
<div><pre style="white-space:pre-wrap;color:rgb(72,72,72);font-size:12px">{error,
{exit,
{{{case_clause,
{badrpc,
{'EXIT',
{as_user_no_password,
{gen_server,call,
[rabbit_auth_backend_ldap,
{login,<<"knstewart">>},
infinity]}}}}},
[{amqp_direct_connection,connect,4,[]},
{amqp_gen_connection,handle_call,3,[]},
{gen_server,handle_msg,5,[{file,"gen_server.erl"},{line,588}]},
{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,227}]}]},
{gen_server,call,[<0.21766.0>,connect,infinity]}},
[{gen_server,call,3,[{file,"gen_server.erl"},{line,188}]},
{rabbit_mgmt_util,with_channel,5,[]},
{rabbit_mgmt_util,with_decode,5,[]},
{rabbit_mgmt_wm_exchange_publish,process_post,2,[]},
{webmachine_resource,resource_call,3,[]},
{webmachine_resource,do,3,[]},
{webmachine_decision_core,resource_call,1,[]},
{webmachine_decision_core,decision,1,[]}]}}</pre></div></div>