Hi Stefan,
there might be a problem with the referral chasing.
The search for the user also returns the Config partion etc…
You can work around like this:
Please use no the top level base DN like “dc=yourdomain,dc=tld”, but
rather a subdir like:
cn=users,dc=yourdomain,dc=tld.
Then it works out fine.
Kind regards
CorneliusAm 01.03.2015 um 12:30 schrieb Cornelius Kölbel:
Good news, everybody.
I can reproduce the problem…
Looking into it.
Kind regards
CorneliusAm 01.03.2015 um 11:47 schrieb Stefan Steuer:
I used the default ldap-filter from your example (active directory)
On Sunday, March 1, 2015 at 12:10:35 AM UTC+1, Cornelius Kölbel wrote:
This probably is a misconfiguration in your LDAP resolver. What does your LDAP Resolver settings look like? What is your login attribute? Your Search FIlter and User Filter? This part of the code takes your searchfilter and constructs an ldap filter like this: (&(......)(<LoginAtribute>=s.steuer)) you might want to check with ldaputils (ldapsearch), which conflicting object are found. Kind regards Cornelius Am 28.02.2015 um 21:01 schrieb Stefan Steuer:
Next bug is that when I want to use the ldap-resolver and enroll a token I'll get the following error. Found more than one object for Loginname u's.steuer' privacylog: [2015-02-28 21:00:03,142][25486][140692787885824][WARNING][privacyidea.lib.config:451] unable to load resolver module : 'resolvers.SCIMIdResolver' (ImportError('cannot import name getResolverClass',)) [2015-02-28 21:00:03,263][25486][140692787885824][ERROR][privacyidea.app:1423] Exception on /token/init [POST] Traceback (most recent call last): File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app response = self.full_dispatch_request() File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request rv = self.handle_user_exception(e) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception reraise(exc_type, exc_value, tb) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request rv = self.dispatch_request() File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request return self.view_functions[rule.endpoint](**req.view_args) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/api/lib/prepolicy.py", line 79, in policy_wrapper action=self.action) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/api/lib/prepolicy.py", line 167, in check_max_token_realm user_object = get_user_from_param(params) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/lib/user.py", line 403, in get_user_from_param user_object = User(login=username, realm=realm) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/lib/log.py", line 101, in log_wrapper f_result = func(*args, **kwds) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/lib/user.py", line 87, in __init__ self.get_resolvers() File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/lib/user.py", line 172, in get_resolvers uid = y.getUserId(self.login) File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/lib/resolvers/LDAPIdResolver.py", line 241, in getUserId LoginName) Exception: Found more than one object for Loginname u's.steuer' -- You received this message because you are subscribed to the Google Groups "privacyidea" group. To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea...@googlegroups.com <javascript:>. To post to this group, send email to priva...@googlegroups.com <javascript:>. To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/6e4e906e-05c2-44e3-b908-612e55663023%40googlegroups.com <https://groups.google.com/d/msgid/privacyidea/6e4e906e-05c2-44e3-b908-612e55663023%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout <https://groups.google.com/d/optout>.
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it,
send an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/70f4d765-c57c-4b39-9dcf-0aefb62b8faf%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/70f4d765-c57c-4b39-9dcf-0aefb62b8faf%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/54F2F858.6020308%40privacyidea.org
https://groups.google.com/d/msgid/privacyidea/54F2F858.6020308%40privacyidea.org?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.