[rabbitmq-discuss] RabbitMQ 2.8.7 + LDAP + other_bind

Marc marc.villacorta at gmail.com
Wed Oct 10 15:28:26 BST 2012

Hello all!

For authentication I need to bind to a Microsoft Active Directory.

Let's say my bind user is '*uxxx*' with password '*pxxx*'.
Let's say the user I try to authenticate is '*uyyy*' with password '*pyyy*'.

I use the *other_bind<http://hg.rabbitmq.com/rabbitmq-auth-backend-ldap/file/d76afaf44415/README#l100>
* configuration option in order to bind with user '*uxxx*'.

Like this:

    { rabbit, [{auth_backends, [rabbit_auth_backend_ldap]}]},

    { rabbitmq_auth_backend_ldap, [

        {servers, ["myldapserver"]},

        {other_bind, {"uxxx", "pxxx"}},

        {dn_lookup_base, "DC=my,DC=domain,DC=com"},

        {dn_lookup_attribute, "AccountName"},

> "CN=${username},OU=users,OU=mycompany,DC=my,DC=domain,DC=com"},



but when I try to login with user '*uyyy*' I get this in my logs: 

> =INFO REPORT==== 10-Oct-2012::16:21:04 ===

LDAP backend: connecting to ["myldapserver"]

> =INFO REPORT==== 10-Oct-2012::16:21:04 ===

LDAP backend: bind request = {'BindRequest',3,

>  "CN=uyyy,OU=users,OU=mycompany,DC=my,DC=domain,DC=com",


> =INFO REPORT==== 10-Oct-2012::16:21:04 ===

LDAP backend: bind reply = {ok,






> 48,51,65,57,44,32,99,111,109,109,101,110,116,

> 58,32,65,99,99,101,112,116,83,101,99,117,114,

> 105,116,121,67,111,110,116,101,120,116,32,101,

> 114,114,111,114,44,32,100,97,116,97,32,53,50,




I understand the bind request is being forged with the wrong user.
Could that be a bug in the LDAP plugin?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20121010/7726fbdc/attachment.htm>

More information about the rabbitmq-discuss mailing list