[rabbitmq-discuss] RabbitMQ 3.1.0 LDAP plugin help

chads.finishing.strong chads.finishing.strong at gmail.com
Wed May 8 17:40:14 BST 2013


Simon, I did get your response; thanks. The rabbitmq.config portion I
listed, is under
rabbitmq_auth_backend_ldap. The ldap plugin is enabled and loaded. A
tcpdump shows that
it is indeed communicating with the ldap server.

The issues are

(1) the plugin is not logging debug info; neither {log, true} or {log,
network} work
(2) I'm unable to authenticate via ldap



On Wed, May 8, 2013 at 9:27 AM, Simon MacMullen <simon at rabbitmq.com> wrote:

> Hi. Did you see my response to your other mail here:
> http://lists.rabbitmq.com/**pipermail/rabbitmq-discuss/**
> 2013-May/026993.html<http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/2013-May/026993.html>
> ?
>
> You also say "I've been unsuccessful". What is the actual problem?
>
> Cheers, Simon
>
> On 08/05/13 14:50, chads.finishing.strong at gmail.**com<chads.finishing.strong at gmail.com>wrote:
>
>> I'm trying to get the LDAP plugin to work.  At this point, it does not
>> log when "log" is set to "true" or "network", so I've been using tcpdump.
>> Anyways, I'm trying to take what I use in PHP/Zend
>> (Zend_Auth_Adapter_Ldap):
>> ldap.primary.host = 'ldap.example.com'
>> ldap.primary.baseDn = 'dc=example,dc=com'
>> ldap.primary.accountDomainName = 'example.com'
>> ldap.primary.**accountDomainNameShort = 'example'
>> ldap.primary.username = 'example\ldapadmin'
>> ldap.primary.password = 'mypasswd'
>> ldap.primary.**accountFilterFormat =
>> '(&(objectClass=user)(**sAMAccountName=%s))'
>> and use that data to configure the rabbitmq ldap plugin:
>> <snip>
>> {servers, ["ldap.example.com"]},
>> {dn_lookup_attribute, "sAMAccountName"},
>> {dn_lookup_base, "DC=example,DC=com"},
>> {user_dn_pattern, "(sAMAccountName=${username}),**DC=example,DC=com"}
>> {other_bind, {"example\\\ldapadmin", "mypasswd"}},
>> {use_ssl, false},
>> {port, 389},
>> {log, network},
>> {vhost_access_query,{constant, true}},
>> {resource_access_query, {constant, true}},
>> {tag_queries, [
>>     {administrator, {constant, true}},
>>     {management,    {constant, true}},
>>     {monitoring,    {constant, true}}
>> ]}
>> <snip>
>> LDAP Entry snippet:
>> dn: CN=Blart\, Paul,OU=MallCops,DC=example,**DC=com
>> cn: Blart, Paul
>> sAMAccountName: pblart
>> userPrincipalName: pblart at example.com
>> At this point I've been unsuccessful.  It looks like my problem may be
>> due to the "dn_lookup_*" and "user_dn_pattern" values?  Any help would
>> be greatly appreciated.
>> Thanks
>> C
>>
>>
>> ______________________________**_________________
>> rabbitmq-discuss mailing list
>> rabbitmq-discuss at lists.**rabbitmq.com<rabbitmq-discuss at lists.rabbitmq.com>
>> https://lists.rabbitmq.com/**cgi-bin/mailman/listinfo/**rabbitmq-discuss<https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss>
>>
>>
>
> --
> Simon MacMullen
> RabbitMQ, Pivotal
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130508/408176f0/attachment.htm>


More information about the rabbitmq-discuss mailing list