New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support operational attributes #7
Comments
Hi, I think we are running in the same problem. LDAP Server: OpenDJ # ~$ ldapsearch -x uid=myusername #myusername, people, rgy, domain, de dn: uid=myusername,ou=people,ou=rgy,o=domain,c=de objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: shadowAccount objectClass: posixAccount objectClass: top physicalDeliveryOfficeName: 030a/028 uid: myusername description: primary loginShell: /bin/zsh givenName: vorname cn: vorname nachnahme telephoneNumber: 0000 sn: nachnahme street: 030a/028 gecos: vorname nachnahme,030a/028,0000 roomNumber: 030a/028 homeDirectory: /domain.de/user/p/myusername mail: vorname.nachnahme@domain.de uidNumber: 17600 ou: IT (Informationstechnik) gidNumber: 1000 displayName: nachnahme, vorname # ~$ ldapsearch -x uid=myusername + #myusername, people, rgy, domain, de dn: uid=myusername,ou=people,ou=rgy,o=domain,c=de ds-sync-hist: physicaldeliveryofficename:0000015bfc1a3b056f3900016c5a:repl:030a /028 ds-sync-hist: street:0000015bfc1a3b056f3900016c5a:repl:030a/028 ds-sync-hist: gecos:0000015bfc1a3b056f3900016c5a:repl:vorname nachnahme,030a/028,0000 ds-sync-hist: roomnumber:0000015bfc1a3b056f3900016c5a:repl:030a/028 ds-sync-hist: modifytimestamp:0000015bfc1a3b056f3900016c5a:repl:20170512100029 Z ds-sync-hist: modifiersname:0000015bfc1a3b056f3900016c5a:repl:cn=Directory Man ager,cn=Root DNs,cn=config ds-pwp-password-policy-dn: cn=Krb5 Pass Through,cn=Password Policies,cn=config entryUUID: 984a2df7-b0ca-4c96-ae49-34a7d8b10d79 createTimestamp: 20140515130727Z creatorsName: cn=Directory Manager,cn=Root DNs,cn=config modifyTimestamp: 20170512100029Z modifiersName: cn=Directory Manager,cn=Root DNs,cn=config etag: 00000000b58dfee9 structuralObjectClass: inetOrgPerson isMemberOf: cn=openstack,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=monitoring,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=stash,ou=group,ou=rgy_res,o=domain,c=DE isMemberOf: cn=it,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=oracle-users,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=it-azubi,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=jira,ou=group,ou=rgy_res,o=domain,c=DE isMemberOf: cn=confluence,ou=group,ou=rgy_res,o=domain,c=DE isMemberOf: cn=ippgrafana,ou=group,ou=rgy,o=domain,c=de isMemberOf: cn=support,ou=group,ou=rgy,o=domain,c=de numSubordinates: 0 hasSubordinates: false subschemaSubentry: cn=schema entryDN: uid=myusername,ou=people,ou=rgy,o=domain,c=de dn: cn=monitoring,ou=group,ou=rgy,o=domain,c=de objectClass: groupOfUniqueNames objectClass: posixGroup objectClass: top cn: monitoring uniqueMember: uid=otherusername,ou=people,ou=rgy,o=domain,c=de uniqueMember: uid=myusername,ou=people,ou=rgy,o=domain,c=de gidNumber: 6340 # Debuglog output at kibana login [2018-08-20T13:27:55,613][DEBUG][o.l.SearchOperation ] execute response=[org.ldaptive.Response@1751040500::result=[org.ldaptive.SearchResult@-1027762420::entries=[[dn=uid=myusername,ou=people,ou=rgy,o=domain,c=de[[hasSubordinates[false]], [mail[vorname.nachnahme@domain.de]], [telephoneNumber[0000]], [numSubordinates[0]], [roomNumber[030a/028]], [description[primary]], [structuralObjectClass[inetOrgPerson]], [modifiersName[cn=Directory Manager,cn=Root DNs,cn=config]], [creatorsName[cn=Directory Manager,cn=Root DNs,cn=config]], [objectClass[posixAccount, top, person, organizationalPerson, inetOrgPerson, shadowAccount]], [loginShell[/bin/zsh]], [uid[myusername]], [entryUUID[984a2df7-b0ca-4c96-ae49-34a7d8b10d79]], [homeDirectory[/domain.de/user/p/myusername]], [givenName[vorname]], [street[030a/028]], [createTimestamp[20140515130727Z]], [physicalDeliveryOfficeName[030a/028]], [sn[nachnahme]], [modifyTimestamp[20170512100029Z]], [entryDN[uid=myusername,ou=people,ou=rgy,o=domain,c=de]], [ou[IT (Informationstechnik)]], [gidNumber[1000]], [ds-sync-hist[roomnumber:0000015bfc1a3b056f3900016c5a:repl:030a/028, modifytimestamp:0000015bfc1a3b056f3900016c5a:repl:20170512100029Z, physicaldeliveryofficename:0000015bfc1a3b056f3900016c5a:repl:030a/028, street:0000015bfc1a3b056f3900016c5a:repl:030a/028, gecos:0000015bfc1a3b056f3900016c5a:repl:vorname nachnahme,030a/028,0000, modifiersname:0000015bfc1a3b056f3900016c5a:repl:cn=Directory Manager,cn=Root DNs,cn=config]], [cn[vorname nachnahme]], [ds-pwp-password-policy-dn[cn=Krb5 Pass Through,cn=Password Policies,cn=config]], [subschemaSubentry[cn=schema]], [uidNumber[17602]], [gecos[vorname nachnahme,030a/028,0000]], [displayName[nachnahme, vorname]], [etag[00000000b58dfee9]], [isMemberOf[cn=it,ou=group,ou=rgy,o=domain,c=de, cn=support,ou=group,ou=rgy,o=domain,c=de, cn=jira,ou=group,ou=rgy_res,o=domain,c=DE, cn=oracle-users,ou=group,ou=rgy,o=domain,c=de, cn=it-azubi,ou=group,ou=rgy,o=domain,c=de, cn=stash,ou=group,ou=rgy_res,o=domain,c=DE, cn=openstack,ou=group,ou=rgy,o=domain,c=de, cn=monitoring,ou=group,ou=rgy,o=domain,c=de, cn=ippgrafana,ou=group,ou=rgy,o=domain,c=de, cn=confluence,ou=group,ou=rgy_res,o=domain,c=DE]]], responseControls=null, messageId=-1]], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=null, messageId=-1] for request=[org.ldaptive.SearchRequest@1474616483::baseDn=ou=people,ou=rgy,o=domain,c=de, searchFilter=[org.ldaptive.SearchFilter@2090979373::filter=(uid=myusername), parameters={}], returnAttributes=[*, +], searchScope=SUBTREE, timeLimit=0, sizeLimit=0, derefAliases=ALWAYS, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@53957044], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@27225f09, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1322789567::config=[org.ldaptive.ConnectionConfig@1141811381::ldapUrl=ldaps://it-ldap-slave02.domain.de:1636, connectTimeout=5000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1021441824::credentialConfig=org.ldaptive.ssl.CredentialConfigFactory$2@90e3da2, trustManagers=[org.ldaptive.ssl.HostnameVerifyingTrustManager@548ab2d1], enabledCipherSuites=null, enabledProtocols=[TLSv1.2, TLSv1.1], handshakeCompletedListeners=null], useSSL=true, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@109863918::metadata=[ldapUrl=ldaps://it-ldap-slave02.domain.de:1636, count=1], environment={java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, com.sun.jndi.ldap.connect.timeout=5000, java.naming.ldap.version=3, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.protocol=ssl}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@930490506::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.DefaultConnectionStrategy@7e1d4e05, controlProcessor=org.ldaptive.provider.ControlProcessor@41d91b3, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@7c864fbf] |
Hello everybody, Best regards, |
Will look into this ... |
If we provide a snapshot/temporary version can you help us to track this down? |
@Foxeronie we have something now and need help to test it |
Hey. Our Cluster is running on version 6.2.4 |
@Foxeronie what is the current Search Guard version you are running? |
com.floragunn:search-guard-6:6.2.4-22.1 |
https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/search-guard/FFb8jEkWR8o/8njC9vhyAAAJ
The text was updated successfully, but these errors were encountered: