Support operational attributes #7

Open
floragunn opened this issue Dec 4, 2017 · 8 comments

@floragunn
Collaborator

https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/search-guard/FFb8jEkWR8o/8njC9vhyAAAJ

@Foxeronie

Foxeronie commented Aug 20, 2018

Hi,

I think we are running into the same problem.
Here is some info that may help you find a solution for this.
We tried several combinations in the sg_config without success.

LDAP Server: OpenDJ

# ~$ ldapsearch -x uid=myusername
#myusername, people, rgy, domain, de
dn: uid=myusername,ou=people,ou=rgy,o=domain,c=de
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: posixAccount
objectClass: top
physicalDeliveryOfficeName: 030a/028
uid: myusername
description: primary
loginShell: /bin/zsh
givenName: vorname
cn: vorname nachnahme
telephoneNumber: 0000
sn: nachnahme
street: 030a/028
gecos: vorname nachnahme,030a/028,0000
roomNumber: 030a/028
homeDirectory: /domain.de/user/p/myusername
mail: vorname.nachnahme@domain.de
uidNumber: 17600
ou: IT (Informationstechnik)
gidNumber: 1000
displayName: nachnahme, vorname

# ~$ ldapsearch -x uid=myusername +
#myusername, people, rgy, domain, de
dn: uid=myusername,ou=people,ou=rgy,o=domain,c=de
ds-sync-hist: physicaldeliveryofficename:0000015bfc1a3b056f3900016c5a:repl:030a
/028
ds-sync-hist: street:0000015bfc1a3b056f3900016c5a:repl:030a/028
ds-sync-hist: gecos:0000015bfc1a3b056f3900016c5a:repl:vorname nachnahme,030a/028,0000
ds-sync-hist: roomnumber:0000015bfc1a3b056f3900016c5a:repl:030a/028
ds-sync-hist: modifytimestamp:0000015bfc1a3b056f3900016c5a:repl:20170512100029
Z
ds-sync-hist: modifiersname:0000015bfc1a3b056f3900016c5a:repl:cn=Directory Man
ager,cn=Root DNs,cn=config
ds-pwp-password-policy-dn: cn=Krb5 Pass Through,cn=Password Policies,cn=config
entryUUID: 984a2df7-b0ca-4c96-ae49-34a7d8b10d79
createTimestamp: 20140515130727Z
creatorsName: cn=Directory Manager,cn=Root DNs,cn=config
modifyTimestamp: 20170512100029Z
modifiersName: cn=Directory Manager,cn=Root DNs,cn=config
etag: 00000000b58dfee9
structuralObjectClass: inetOrgPerson
isMemberOf: cn=openstack,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=monitoring,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=stash,ou=group,ou=rgy_res,o=domain,c=DE
isMemberOf: cn=it,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=oracle-users,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=it-azubi,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=jira,ou=group,ou=rgy_res,o=domain,c=DE
isMemberOf: cn=confluence,ou=group,ou=rgy_res,o=domain,c=DE
isMemberOf: cn=ippgrafana,ou=group,ou=rgy,o=domain,c=de
isMemberOf: cn=support,ou=group,ou=rgy,o=domain,c=de
numSubordinates: 0
hasSubordinates: false
subschemaSubentry: cn=schema
entryDN: uid=myusername,ou=people,ou=rgy,o=domain,c=de

dn: cn=monitoring,ou=group,ou=rgy,o=domain,c=de
objectClass: groupOfUniqueNames
objectClass: posixGroup
objectClass: top
cn: monitoring
uniqueMember: uid=otherusername,ou=people,ou=rgy,o=domain,c=de
uniqueMember: uid=myusername,ou=people,ou=rgy,o=domain,c=de
gidNumber: 6340

# Debuglog output at kibana login
 [2018-08-20T13:27:55,613][DEBUG][o.l.SearchOperation ] execute response=[org.ldaptive.Response@1751040500::result=[org.ldaptive.SearchResult@-1027762420::entries=[[dn=uid=myusername,ou=people,ou=rgy,o=domain,c=de[[hasSubordinates[false]], [mail[vorname.nachnahme@domain.de]], [telephoneNumber[0000]], [numSubordinates[0]], [roomNumber[030a/028]], [description[primary]], [structuralObjectClass[inetOrgPerson]], [modifiersName[cn=Directory Manager,cn=Root DNs,cn=config]], [creatorsName[cn=Directory Manager,cn=Root DNs,cn=config]], [objectClass[posixAccount, top, person, organizationalPerson, inetOrgPerson, shadowAccount]], [loginShell[/bin/zsh]], [uid[myusername]], [entryUUID[984a2df7-b0ca-4c96-ae49-34a7d8b10d79]], [homeDirectory[/domain.de/user/p/myusername]], [givenName[vorname]], [street[030a/028]], [createTimestamp[20140515130727Z]], [physicalDeliveryOfficeName[030a/028]], [sn[nachnahme]], [modifyTimestamp[20170512100029Z]], [entryDN[uid=myusername,ou=people,ou=rgy,o=domain,c=de]], [ou[IT (Informationstechnik)]], [gidNumber[1000]], [ds-sync-hist[roomnumber:0000015bfc1a3b056f3900016c5a:repl:030a/028, modifytimestamp:0000015bfc1a3b056f3900016c5a:repl:20170512100029Z, physicaldeliveryofficename:0000015bfc1a3b056f3900016c5a:repl:030a/028, street:0000015bfc1a3b056f3900016c5a:repl:030a/028, gecos:0000015bfc1a3b056f3900016c5a:repl:vorname nachnahme,030a/028,0000, modifiersname:0000015bfc1a3b056f3900016c5a:repl:cn=Directory Manager,cn=Root DNs,cn=config]], [cn[vorname nachnahme]], [ds-pwp-password-policy-dn[cn=Krb5 Pass Through,cn=Password Policies,cn=config]], [subschemaSubentry[cn=schema]], [uidNumber[17602]], [gecos[vorname nachnahme,030a/028,0000]], [displayName[nachnahme, vorname]], [etag[00000000b58dfee9]], [isMemberOf[cn=it,ou=group,ou=rgy,o=domain,c=de, cn=support,ou=group,ou=rgy,o=domain,c=de, cn=jira,ou=group,ou=rgy_res,o=domain,c=DE, cn=oracle-users,ou=group,ou=rgy,o=domain,c=de, cn=it-azubi,ou=group,ou=rgy,o=domain,c=de, 
cn=stash,ou=group,ou=rgy_res,o=domain,c=DE, cn=openstack,ou=group,ou=rgy,o=domain,c=de, cn=monitoring,ou=group,ou=rgy,o=domain,c=de, cn=ippgrafana,ou=group,ou=rgy,o=domain,c=de, cn=confluence,ou=group,ou=rgy_res,o=domain,c=DE]]], responseControls=null, messageId=-1]], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=null, messageId=-1] for request=[org.ldaptive.SearchRequest@1474616483::baseDn=ou=people,ou=rgy,o=domain,c=de, searchFilter=[org.ldaptive.SearchFilter@2090979373::filter=(uid=myusername), parameters={}], returnAttributes=[*, +], searchScope=SUBTREE, timeLimit=0, sizeLimit=0, derefAliases=ALWAYS, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@53957044], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@27225f09, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1322789567::config=[org.ldaptive.ConnectionConfig@1141811381::ldapUrl=ldaps://it-ldap-slave02.domain.de:1636, connectTimeout=5000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1021441824::credentialConfig=org.ldaptive.ssl.CredentialConfigFactory$2@90e3da2, trustManagers=[org.ldaptive.ssl.HostnameVerifyingTrustManager@548ab2d1], enabledCipherSuites=null, enabledProtocols=[TLSv1.2, TLSv1.1], handshakeCompletedListeners=null], useSSL=true, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@109863918::metadata=[ldapUrl=ldaps://it-ldap-slave02.domain.de:1636, count=1], environment={java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, com.sun.jndi.ldap.connect.timeout=5000, java.naming.ldap.version=3, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.protocol=ssl}, 
providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@930490506::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.DefaultConnectionStrategy@7e1d4e05, controlProcessor=org.ldaptive.provider.ControlProcessor@41d91b3, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@7c864fbf]

@Foxeronie

Hello everybody,
do you need more information to resolve this issue?

Best regards,
Patrick

@floragunn
Collaborator Author

Will look into this ...

@floragunn
Collaborator Author

If we provide a snapshot/temporary version can you help us to track this down?

@floragunn
Collaborator Author

floragunn commented Jan 3, 2019

@Foxeronie we have something now and need help to test it

@Foxeronie

Hey. Our cluster is running on version 6.2.4.
We can test a snapshot package.

@floragunn
Collaborator Author

@Foxeronie what is the current Search Guard version you are running?

@Foxeronie

com.floragunn:search-guard-6:6.2.4-22.1
