尝试配置Tuleap和LDAP身份验证。到目前为止,我在/etc/tuleap/plugins/ldap/etc/ldap.inc中的配置:
$sys_ldap_server = 'xxx';
$sys_ldap_server_type = 'OpenLDAP';
$sys_ldap_dn = 'dc=xxx,dc=xx';
$sys_ldap_bind_dn = 'cn=useradmin,dc=xxx,dc=xx';
$sys_ldap_bind_passwd = 'xxxx';
$sys_ldap_uid = "uid";
$sys_ldap_eduid = "uid";
$sys_ldap_cn = 'cn';
$sys_ldap_mail = 'mail';
$sys_ldap_people_dn = 'ou=People,dc=xxx,dc=xx';
$sys_ldap_search_user='(|(uid=%words%)(cn=%words%)(mail=%words%))';
$sys_ldap_default_user_status = 'A';
$sys_ldap_svn_auth = 1;
$sys_ldap_daily_sync = 1;
$sys_ldap_daily_sync_retention_period = '';
$sys_ldap_user_management = 1;
$sys_ldap_grp_enabled = 1;
$sys_ldap_grp_dn = 'ou=workers,dc=xxx,dc=xx';
$sys_ldap_grp_cn = 'o';
$sys_ldap_grp_member = 'xxx';
$sys_ldap_threshold_users_suspension = '';
$search_depth = 'subtree';
尝试登录时,我在日志中收到错误:
2018-08-14T09:05:56+02:00 [2247] [debug] Bound to LDAP server: xxx
2018-08-14T09:05:56+02:00 [2247] [warning] LDAP search error: dc=xxx,dc=xx uid=xxx@xxx.xx ldap://xxx.xx.xx ***ERROR:No such object ***ERROR no:32
2018-08-14T09:05:56+02:00 [2247] [info] [LDAP] User xxxx@xxx.xx failed to authenticate
在CLI中执行LDAP搜索会带来积极的结果:
ldapsearch -x -D "cn=useradmin,dc=xxx,dc=xx" -W -H ldap://xxx.xxx.xx -b "ou=People,dc=xxx,dc=xx"
结果:
# xxxx@xxx.xx, People, xxx.xx
dn: uid=xxxx@xxx.xx,ou=People,dc=xxx,dc=xx
cn:: www
displayName:: ppp
givenName: qq
mail: xxxx@xxx.xx
o: gg
objectClass: inetOrgPerson
preferredLanguage: cc
sn:: uuu
uid: xxxx@xxx.xx
userPassword:: yyy
怎么了?
答案 0 :(得分:0)
事实证明,Tuleap LDAP不支持通过电子邮件登录。仅使用用户名。因此,如果您的LDAP设置未提供唯一的用户名,则无法将LDAP登录部署到Tuleap。