-
Notifications
You must be signed in to change notification settings - Fork 799
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trying to set up authentication with active directory #646
Comments
This is only if using stack deploy. Using composer up, i dont get the error. However im still not able to log in using AD, but that could very well be on my config. Whats the best way to debug this issue? |
After changing around a bit on my config i now get, with composer up: Using wrong password: Works as expected. Using the right password, it just greys out the login button and hangs. What could be the source of this? And what log files should i provide to help solve this? |
@richard-julien any idea? |
Difficult to say. Any error on the client side? Can you check with chrome dev tools the result of the http query? |
I will get back to you as soon as i have had the chance to check this out, thanks for looking into it! |
It just hangs, no response. Could be an issue with what the email field is called? If its not called the same in AD, and it cant find it and there is no handling of such errors(didnt check if thats the case). Because why else would it hang only on correct password? I checked the response both for correct and wrong password. |
Any ideas here? Ensured the email field is the correct one and it still hangs on correct password. |
Hi @rbnor , can you check with last release if you have a log in the opencti container? Thanks |
"net::ERR_EMPTY_RESPONSE" is the error i get with the correct password now,on the request in the console. |
Sure, ill check that out asap |
Wrong password gives: Right password yields nothing in neither of the logs.. |
Could it be that it authenticates but does not proceed to create a user the proper way hence no response? Just thinking out loud. Clearly the authentication works but no response to the request at all. No user is created thats for sure, could it be that it its not intended to? imo it kind of has to create a user even tho its SSO, to have something in its own context to refer to? |
With the help of Filip, i reproduce the problem.
|
Thanks for looking into it, and nice work reproducing it, sorry for the lack of information and config from my end there if that was an issue. Looking forward to the next release,if i can improve the config in the meantime please let me know. |
Please replace every line in curly brackets { like this } with an appropriate answer, and remove this line.
Description
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
clone docker repo
add example ldap config, change values.
Expected Output
expect it to start properly
Actual Output
failed to create service opencti_opencti: Error response from daemon: rpc error: code = InvalidArgument desc = expanding env failed: expanding env "PROVIDERS__LDAP__CONFIG__SEARCH_FILTER=(sAMAccountName={{user
name}})": template: expansion:1: function "username" not defined
Additional information
{ Any additional information, including logs or screenshots if you have any. }
The text was updated successfully, but these errors were encountered: