2016-02-29

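Ldap not working with Devise

I want to use Devise with LDAP, but I seem to be doing something wrong in the initial setup of Devise with LDAP. I have already used Devise with database authentication, but I want to switch and use my existing AD. Any help would be greatly appreciated!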

I used this test script with LDAP only, and it works perfectly:

require 'net/ldap'

class ActiveDirectoryUser
  SERVER = 'myactivedir.mydomain.com'
  PORT = 389
  BASE = 'DC=mydomain,DC=com'
  DOMAIN = 'mydomain.com'

  # Binds as login@DOMAIN. Returns the user's entry on success, nil on bad
  # credentials, and false on empty input or an LDAP error.
  def self.authenticate(login, pass)
    return false if login.empty? or pass.empty?

    conn = Net::LDAP.new :host => SERVER,
                         :port => PORT,
                         :base => BASE,
                         :auth => { :username => "#{login}@#{DOMAIN}",
                                    :password => pass,
                                    :method => :simple }

    # Filter.equals escapes the login before it is placed in the search filter
    filter = Net::LDAP::Filter.equals('sAMAccountName', login)
    if conn.bind and user = conn.search(:filter => filter).first
      return user
    else
      return nil
    end
  rescue Net::LDAP::LdapError => e
    return false
  end
end

I ran a test with the code above, and it gives me all of the attributes:

irb(main):003:0> user = ActiveDirectoryUser.authenticate('test','test12345') 

=> #<Net::LDAP::Entry:0x007fcfab831ee0 @myhash={:dn=>["CN=test,CN=Users,DC=mydomain,DC=com"], :objectclass=>["top", "person", "organizationalPerson", "user"], :cn=>["test"], :samaccountname=>["test"].......keeps going 

If I use the wrong password for the test user I get this, so I know the authentication is working correctly.

irb(main):002:0> ActiveDirectoryUser.authenticate('test','test123') 
=> nil 

However, when I try the same setup with Devise, it always returns this.

LDAP: LDAP dn lookup: sAMAccountName=test 
LDAP: LDAP dn lookup: sAMAccountName=test 
LDAP: LDAP search for login: sAMAccountName=test 
LDAP: LDAP search for login: sAMAccountName=test 
LDAP: LDAP search yielded 0 matches 
LDAP: LDAP search yielded 0 matches 
LDAP: Authorizing user sAMAccountName=test,dc=mydomain,dc=com 
LDAP: Authorizing user sAMAccountName=test,dc=mydomain,dc=com 
LDAP: Not authorized because not authenticated. 
LDAP: Not authorized because not authenticated. 

Here is my devise.rb configuration ->

Devise.setup do |config|
  # ==> LDAP Configuration
  config.ldap_logger = true
  # config.ldap_create_user = false
  # config.ldap_update_password = true
  config.ldap_config = "#{Rails.root}/config/ldap.yml"
  #config.ldap_auth_username_builder = Proc.new() {|attribute, login, ldap| "#{login}@mydomain.com"} tried this still no luck......
  # config.ldap_check_group_membership = false
  # config.ldap_check_group_membership_without_admin = false
  # config.ldap_check_attributes = false
  # config.ldap_use_admin_to_bind = false
  # config.ldap_ad_group_check = false
end

Here is my config/ldap.yml

development: 
    host: myactivedir.mydomain.com 
    domain: mydomain.com 
    port: 389 
    attribute: sAMAccountName 
    base: dc=mydomain,dc=com 

Answer

Figured it out: in config/devise.rb I included this and presto, it worked.

config.ldap_auth_username_builder = Proc.new() {|attribute, login, ldap| "#{login}@mydomain.com"}
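
Why the bind name in the log failed while the login@domain form works, as an added example that is not part of the original post or the gem's own code: the attribute=login,base shape from the log is not the DN of any entry (the real one is CN=test,CN=Users,DC=mydomain,DC=com), whereas AD accepts login@domain for a simple bind, as the test script shows. LdapStub, LOGIN_RE, upn_builder, escape_filter_value and bind_name are hypothetical names, and the login allowlist is an assumed site policy.

```ruby
# Added example (not from the original post). LdapStub stands in for the
# connection object passed to the builder; only #base is used here.
LdapStub = Struct.new(:base)

# Shape of the bind name seen in the log above: "<attribute>=<login>,<base>".
DEFAULT_BUILDER = proc { |attribute, login, ldap| "#{attribute}=#{login},#{ldap.base}" }

# Assumed site policy: conservative allowlist for sAMAccountName values.
LOGIN_RE = /\A[A-Za-z0-9._-]{1,20}\z/

# Builds login@domain for the simple bind. Anything off the allowlist is
# rejected, so a login like "test@other.example" cannot choose its own suffix.
def upn_builder(domain)
  proc do |_attribute, login, _ldap|
    raise ArgumentError, 'invalid login' unless login.is_a?(String) && login.match?(LOGIN_RE)
    "#{login}@#{domain}"
  end
end

# RFC 4515 escaping for a value placed inside a search filter.
def escape_filter_value(value)
  value.gsub(/[\\*()\x00]/) { |c| format('\\%02x', c.ord) }
end

# Returns the bind name, or nil when the login is rejected (no bind attempted).
def bind_name(builder, login, ldap)
  builder.call('sAMAccountName', login, ldap)
rescue ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  ldap = LdapStub.new('dc=mydomain,dc=com') # constructed sample values
  puts bind_name(DEFAULT_BUILDER, 'test', ldap)
  puts bind_name(upn_builder('mydomain.com'), 'test', ldap)
  p bind_name(upn_builder('mydomain.com'), 'test@other.example', ldap)
  puts "(sAMAccountName=#{escape_filter_value('te*st)(cn=x')})"
end
```

In config/devise.rb the validated builder would be assigned with config.ldap_auth_username_builder = upn_builder('mydomain.com').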