LDAP Plugin install

stuhad

Sorry we are running Ubuntu 18.04.4 LTS

Under Fog Configuration > Fog Version Information it says we’re running the latest stable version: 1.5.7

But then it states under Kernel Versions:
DefaultMember Fog Version: (1.5.5)

and the bottom right hand corner of the GUI states: 1.5.5

Sebastian Roth

@stuhad said in LDAP Plugin install:

But then it states under Kernel Versions:
DefaultMember Fog Version: (1.5.5)
and the bottom right hand corner of the GUI states: 1.5.5

Seems like something went wrong with your install. Please run the following command and post output here:
ls -al /var/www; ls -al /var/www/html; ls -al /var/www/html/fog

Tom Elliott

@Sebastian-Roth I fixed the versioning issue. No update needed to see this.

There was a slight issue on the remote side code that checks the version information for us.

Sebastian Roth

@stuhad So are you on 1.5.5 or 1.5.7 now?

stuhad

Hey Sebastion,

I’m not certain if we are on 1.5.5 or 1.5.7, perhaps the upgrade failed? Is there any way I can tell definitively?

Here is the output you requested.

$ ls -al /var/www; ls -al /var/www/html; ls -al /var/www/html/fog
total 16
drwxr-xr-x  4 root     root     4096 Mar 14  2019 .
drwxr-xr-x 14 root     root     4096 Mar 14  2019 ..
drwxr-xr-x 10 www-data www-data 4096 Mar 14  2019 fog
drwxr-xr-x  2 root     root     4096 Mar 14  2019 html
total 20
drwxr-xr-x 2 root root  4096 Mar 14  2019 .
drwxr-xr-x 4 root root  4096 Mar 14  2019 ..
lrwxrwxrwx 1 root root    13 Mar 14  2019 fog -> /var/www/fog/
-rw-r--r-- 1 root root 10918 Mar 14  2019 index.html
lrwxrwxrwx 1 root root 13 Mar 14  2019 /var/www/html/fog -> /var/www/fog/ 

@Sebastian-Roth said in LDAP Plugin install:

ls -al /var/www; ls -al /var/www/html; ls -al /var/www/html/fo

Sebastian Roth

@stuhad The output looks fine from a technical point of view. Though I am wondering about the file change date of /var/www/fog/ as 1.5.7 came out after March 14th 2019. Please run the two commands

grep FOG_VERSION /var/www/html/fog/lib/fog/system.class.php
find /var/www -name "system.class.php"

and post output here.

stuhad

@Sebastian-Roth

$ grep FOG_VERSION /var/www/html/fog/lib/fog/system.class.php
        define('FOG_VERSION', '1.5.5');
$ find /var/www -name "system.class.php"
/var/www/fog/lib/fog/system.class.php

stuhad

OK sorry I’m not sure what changed but it seems like the GUI is now saying we are in fact not running 1.5.7 but actually 1.5.5, which at least makes sense as no one remembers upgrading Fog, and it matches the log output. Just not sure why it was reporting 1.5.7 before… perhaps a DNS issue?

The only change I can think of is I performed an apt install to install ldap-utils so I could troubleshoot if it was perhaps a network issue between our fog server and the domain controllers not sure why this would make any difference to what the GUI was reporting.

I’ve confirmed I can query the domain controllers using ldapsearch from the fog server without issue so it doesn’t appear to be a network problem. Unfortunately, ldap logins still aren’t working to the fog server.

Would you recommend I try actually upgrading to 1.5.7?

Cheers,

Sebastian Roth

@stuhad said in LDAP Plugin install:

OK sorry I’m not sure what changed but it seems like the GUI is now saying we are in fact not running 1.5.7 but actually 1.5.5,

Did you see Tom’s post? There seemed to be an issue in the version check script on our webserver which led to it saying you are “up to date” eventhough you are running the years old 1.5.5 version. Tom fixed it. You can always be sure the version number in the bottom right corner is the one you have.

Updating to a newer version might surely help. Though I can’t promise you this particular issue has been fixed between 1.5.5 and 1.5.7 I am sure people use the LDAP plugin with 1.5.7.

But you might want to wait a few more days because we are preparing the 1.5.8 release to come out soon.

Kiweegie

@stuhad

We are running on the dev version here 1.5.7.109 and can confirm that LDAP plugin works on this version.

Re your FOG install showing 1.55 but earlier not I think you’re seeing the issue that @Tom-Elliott referred to below and has fixed.

As to why the LDAP plugin is not working it will be down to something in the LDAP config I suspect rather than anything linked to the FOG version. I’ve had LDAP plugin working on both 1.55 and 1.57.

Do you have anything in the following log file at all in reference to LDAP users?

/var/log/apaches/error.log

Looking through your LDAP config and comments from previous post

LDAP connection name: dc1
(fine as long as each connection name is unique)
LDAP Server Address: IP Address (is an IP ok?)
IP address OK, thats what I’ve used
LDAP Server Port: 389
OK
Use Group Matching: ticked
OK
Search Base DN: ou=fog users,dc=company,dc=com,dc=au
I’ve set my search base here to the root of the domain so try just dc=company,dc=com,dc=au
Group Search DN: ou=fog users,dc=company,dc=com,dc=au
Should be fine - spaces in OU names also OK.
Admin group: cn=fog admins,ou=fog users,dc=company,dc=com,dc=au
Try just using the group name here “fog admins” don’t need the cn entry. Also try removing space. Should be ok but something to rule out
Mobile group: cn=fog admins,ou=fog users,dc=company,dc=com,dc=au
As above
User Name Attribute: sAMAccountName
OK
Group Member Attribute: member
OK
Search Scope: Subtree and below
OK
Bind DN: cn=ldapadmin,ou=services,dc=company,dc=com,dc=au
This user should have delegated rights to add and delete computer objects. If unsure try adding as member of Domain Admins group to test
Bind password: added in plaintext
OK

Ninja Edit: With the password remember to ensure no special characters!!

Give the above a whirl and let us know how you get on.

regards Tom

stuhad

@Sebastian-Roth said in LDAP Plugin install:

Did you see Tom’s post? There seemed to be an issue in the version check script on our webserver which led to it saying you are “up to date” eventhough you are running the years old 1.5.5 version. Tom fixed it. You can always be sure the version number in the bottom right corner is the one you have.

Hey sorry about the confusion I did see his comment, but clearly did not understand. It’s a huge relief that we aren’t dealing with a failed upgrade.

Thanks for all your help with this everyone, I have finally got the plugin working. As @Kiweegie suggested early on the password complexity seemed to be the issue. I had made sure there was no special characters in it, but I had made the password obscenely long. Changing it < 24 characters seems to have done the trick.

Apologies for all the confusion and thanks again for all the help.