Hello,
My AWX environment was installed with docker-compose, and all works fine except LDAP authentication.
I am able to query the AD server from the command line and get all the users:
ldapsearch -x -H ldap://192.168.1.125:389 -D "CN=Acme Brick,OU=Users-DEV,DC=DEV,DC=ACME,DC=LOCAL" -b "DC=DEV,DC=ACME,DC=LOCAL" -w <PASSWORD>
But from the Web GUI Login page it fails systematically (same issue when using FreeIPA IdM).
My LDAP params are used in other systems with no issue, and I spent countless hours trying different parameters but no luck.
I am wondering if this has anything to do with the Docker container.
ENVIRONMENT
- AWX version: 7.0.0.0
- AWX install method: docker
- Ansible version: 2.8.4
- Operating System: Linux Centos 7
- Web Browser: Firefox/Chrome/IE
STEPS TO REPRODUCE
I use either AD or FreeIPA IdM with the following settings for LDAP (example for AD):
LDAP SERVER URI: ldap://192.168.1.125:389
LDAP BIND DN: CN=Acme Brick,OU=Users-DEV,DC=DEV,DC=ACME,DC=LOCAL
LDAP BIND PASSWORD: ************
LDAP USER DN TEMPLATE: sAMAccountName=%(user)s,ou=Users-DEV,DC=DEV,DC=ACME,DC=LOCAL
LDAP GROUP TYPE: MemberDNGroupType
LDAP REQUIRE GROUP:
LDAP DENY GROUP:
LDAP USER SEARCH:
[
  "OU=Users-DEV,DC=DEV,DC=ACME,DC=local",
  "SCOPE_SUBTREE",
  "(sAMAccountName=%(user)s)"
]
LDAP GROUP SEARCH:
[
  "dc=DEV,dc=ACME,dc=local",
  "SCOPE_SUBTREE",
  "(objectClass=user)"
]
LDAP USER ATTRIBUTE MAP:
{
  "first_name": "givenName",
  "last_name": "sn",
  "email": "mail"
}
LDAP GROUP TYPE PARAMETERS:
{
  "name_attr": "cn",
  "member_attr": "member"
}
EXPECTED RESULTS
Successfully authenticate against Active Directory
ACTUAL RESULTS
Invalid username and/or password. Please try again.