AW: Re: AD Domain Trusts/LDAP Queries

Hi Jim, Hi Rick,
The mangle action is ok. (Without mangle=)
Do you have any further settings in the policy, which might result in not triggering the policy?
Like realms, clientIP…
Is the policy active (sorry :slight_smile:
If you like to, I can send you some code modifications with more debug output.
Kind regardsCornelius

Cornelius KölbelCornelius.koelbel@netknights.it+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: James McCracken merlinjim@gmail.com
Datum: 04.11.2015 17:39 (GMT+01:00)
An: privacyidea privacyidea@googlegroups.com
Betreff: Re: AD Domain Trusts/LDAP Queries

Hi Cornelius,
I work with Rick. We’ve been running with loglevel DEBUG all morning and a mangle field of { “mangle”: “user/.*(.{4})/\1/” }, yet when I run: “cat /var/log/privacyidea/privacyidea.log | grep mangling”, I get no result. I also tried mangle=… as the mangle field but that resulted in { “mangle”: “mangle”} so didn’t seem right.
Here is our logging config in case we got something wrong there:
//etc/privacyidea/logging.cfg
[formatters]
keys=detail

[handlers]
keys=file

[formatter_detail]
class=privacyidea.lib.log.SecureFormatter
format=[%(asctime)s][%(process)d][%(thread)d][%(levelname)s][%(name)s:%(lineno)d] %(message)s

[handler_file]

Rollover the logfile at midnight

class=logging.handlers.RotatingFileHandler
backupCount=14
maxBytes=10000000
formatter=detail
level=DEBUG
args=(‘/var/log/privacyidea/privacyidea.log’,)

[loggers]
keys=root,privacyidea

[logger_privacyidea]
handlers=file
qualname=privacyidea
level=DEBUG

[logger_root]
level=NOTSET
handlers=file
On Wednesday, November 4, 2015 at 9:05:04 AM UTC-5, Cornelinux K wrote:Hi Rick,

you should be able to see a log entry in loglevel DEBUG in

privacyidea.log like:

    "mangling authentication data: %s"

So set loglevel to DEBUG and restart the webserver.

How does your policy look like?

Kind regards

Cornelius

Am Mittwoch, den 04.11.2015, 05:54 -0800 schrieb RickP:

Yes we have been working with the mangle policy this morning but with

no success so far, is there a way to debug the mangle policy to see

what is being parsed out and presented as the final user lookup?

Thanks!!

You received this message because you are subscribed to the Google

Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to privacyidea...@googlegroups.com.

To post to this group, send email to priva...@googlegroups.com.

To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/1d6d06c1-6991-4c81-bee1-a7861280be90%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Cornelius Kölbel

corneliu…@netknights.it

+49 151 2960 1417

NetKnights GmbH

http://www.netknights.it

Landgraf-Karl-Str. 19, 34131 Kassel, Germany

Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405

Geschäftsführer: Cornelius Kölbel

You received this message because you are subscribed to the Google Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea+unsubscribe@googlegroups.com.

To post to this group, send email to privacyidea@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/2e85f5fc-4dfe-42a7-af56-a6187c959e36%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.