-
Notifications
You must be signed in to change notification settings - Fork 95
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[8.0.0] Unable to add ldap users #1339
Comments
Also let run gsa in debug mode, I don't see any errors. |
Did you actually enable LDAP via the LDAP page's checkbox, or did you "just" enable the LDAP-option in general to show up in the GUI? I have to admit, that I did that at first and thought I could replicate your issue. After actually enabling it with the checkbox, my setup looks just like bjoernricks's. |
I am having the same issue. Ubuntu 18.04. Everything looks like its working. It accepts the LDAP config, but no option for the users... am I missing something? |
Hi, could you check if you gvm-libs are build with and linked against libldap ldd $INSTALL_PREFIX/lib/libgvm_util.so|grep -i ldap Where $INSTALL_PREFIX is /usr for ubuntu packages. The output should be something like
|
In my case yes:
|
Running Is it possible the connection is being rejected and so it doesn't show up? Is there a way I can test the connection (from gvm)? |
I don't have a running LDAP server and the option is shown. |
Could you login into gsa and run |
it should print something like
|
I will read this in the console:
I have replaced the security part of it with XXX. |
And
? |
From gmp.user.currentAuthSettings().then(resp => console.log(resp.data))
And gmp.user.currentAuthSettings().then(resp => console.log(resp.data.get('method:ldap_connect').enable === 1)) |
I get also true back calling "gmp.user.currentAuthSettings().then(resp => console.log(resp.data.get('method:ldap_connect').enable === 1))" |
I really don't know why the ldap option isn't shown for you. This is exactly the check for displaying the option. |
Could you apply the following patch and check the output at the new user dialog? diff --git a/gsa/src/web/pages/users/dialog.js b/gsa/src/web/pages/users/dialog.js
index 0f375d0c1..c990a2dff 100644
--- a/gsa/src/web/pages/users/dialog.js
+++ b/gsa/src/web/pages/users/dialog.js
@@ -161,6 +161,12 @@ class Dialog extends React.Component {
return (
<React.Fragment>
<Layout flex="column">
+ <FormGroup title="LDAP Setting">
+ {settings.get('method:ldap_connect').enable}{' '}
+ {settings.get('method:ldap_connect').enable === YES_VALUE
+ ? 'true'
+ : 'false'}
+ </FormGroup>
<FormGroup title={_('Login Name')}>
<TextField
name="name" |
I can't find the needed source block. Neither in the git nor the 8.0.0 release.
|
See https://github.com/greenbone/gsa/blob/gsa-8.0/gsa/src/web/pages/users/dialog.js#L163 Just copy the patch into a file at the root dir of the git clone and run
|
Either gsa nor gsad is doing the ldap authentication. gvmd is responsible for the authentication of the user.
My patch only did add some html for debug output. I didn't expect that the option is shown now... This is really weird. Could you double check if the option is not shown again after removing the patch?
It don't get that. What is happening exactly? |
For the first question you have right, it was my mistake. gvmd does the job.(Login is possible, my ldap filter was wrong) Back what I have done to test it:
|
Still very weird. Actually my patch didn't change the code. Maybe it's caused by some javascript over-optimization.
Yeah. It's caused by your browser and auto-filling of forms 😒 |
So today I tested some scenarios. And the final state is the following:
After create the user and click on edit the follow dialog is shown: |
Hi,
is true for you with the gsa-8.0 branch it must also work in the dialog. |
Very strange, from the git master and git tag version(8.0.0) I see an big diff. |
Yes of course both branches differ but it's completely unrelated. See
|
As I wrote, if this code here
is true for you in the gsa-8.0 branch the option SHOULD be shown because that's what's being checked in the dialog too. |
Just a wild guess but have you considered some browser related issue here (Compatibility problem, Adblocker, ...). Might worth to do a short check with a different browser or the same browser with plugins disabled. |
Just upgraded to GVM-10 from previous version (GVM-9), now I am also unable to add LDAP authenticated users, the LDAP authentication option is missing in dialogs... I have upgraded installation from source (git clone/git pull/git checkout vX.0.0) under Debian Stretch. Before upgrading I was able to add LDAP auhenticated users (did it on january 2018). Now LDAP authentication is still active, but option is missing from user add or user edit dialog, despite of |
I think I found the issue but I'm not sure. It looks like there was some duplication in: gsa/src/web/pages/users/dialog.js. |
So I ran |
As I already wrote
it is suspicious that we aren't able to reproduce the issue and
is true for you. |
I am having the same problem, LDAP enabled, and the option does not appear in new users.
|
I finally fixed my problem by getting the file I was using tag After reinstalling, restarting gsad daemon and clearing browser cache, the option LDAP Authentication only is now present in user creation/edition dialog. |
Yes indeed f3e055d is required to fix displaying the LDAP and RADIUS authentication selection in the user dialogs. So the tag v8.0.0 is broken in this regard. Nevertheless the gsa-8.0 branch and also master do contain this fix already. |
It worked. |
Hi, I am still not able to reproduce your issues neither one of my co-workers. Nevertheless I've implemented some changes for the LDAP, Radius and User dialogs which may improve the situation. Please try the GSA 8 branch https://github.com/greenbone/gsa/tree/gsa-8.0 |
FYI, I had this problem too with a version built from source. However, running |
Is there still not a solution for this problem? |
Did you try the 8.0.1 release and did check if gvm-libs is linked against libldap? I can't do anything here because I am not able to reproduce the issue. It works as expected on all my machines. |
Not yet, we have to use the rpm package, so its not possible to recompile within our setup. |
You can check the libldap topic with a call like e.g.:
If you don't get a return back like e.g.:
no LDAP support is available. |
I have the return back, everything is correct on the host. But i don't have the radio button option in the gui. |
Same issue here |
According to two users in the following community forum: https://community.greenbone.net/t/ldap-authentication-not-enable/4409/3 this is already solved in the current gsa-9.0 branch (probably since #1437 and/or #1723) Anyone able to confirm? |
Yes on the 9'er tree it will work. |
I still have the problem. At the LDAP settings the activation doesn't change. And I cant edit users to use LDAP. |
Could you please try the release branches https://github.com/greenbone/gsa/tree/gsa-9.0 and https://github.com/greenbone/gvmd/tree/gvmd-9.0 and test again? I am really sure this issue is fixed already. |
I will close this. For now. If it is still relevant for the latest version(s), please reopen/recreate. |
Expected behavior
After enable ldap, that I can add users that don't use an local password.
Actual behavior
When I create an new user, no option is shown to use ldap instead of local password.
But this should be shown after enable ldap reading:
https://docs.greenbone.net/GSM-Manual/gos-4/en/gui_administration.html#ldap
Steps to reproduce
GVM versions
gsa: (gsad --version)
Greenbone Security Assistant 8.0.0~git
gvm: (gvmd --version)
Greenbone Vulnerability Manager 8.0.0
Manager DB revision 205
openvas-scanner: (openvassd --version)
OpenVAS Scanner 6.0.0
gvm-libs:
gvm-libs-10.0.0
Environment
Operating system:
CentOS 7.6
Installation method / source: (packages, source installation)
From git build as rpm
The text was updated successfully, but these errors were encountered: