Re: [Users] Testing LDAP support.
----- Original Message -----
From: "Oved Ourfalli" <ovedo(a)redhat.com>
To: "Sharad Mishra" <snmishra(a)linux.vnet.ibm.com>
Cc: users(a)ovirt.org
Sent: Monday, April 9, 2012 8:36:49 PM
Subject: Re: [Users] Testing LDAP support.
----- Original Message -----
> From: "Sharad Mishra" <snmishra(a)linux.vnet.ibm.com>
> To: users(a)ovirt.org
> Sent: Monday, April 9, 2012 8:19:23 PM
> Subject: [Users] Testing LDAP support.
>
> Hi,
>
> I was able to successfully test simple authentication support of
> IBM
> Directory Server (IDS) in ovirt. Next step is to test "DIGEST-MD5"
> support. This protocol is currently supported by my test IDS. But I
> get
> -
>
> javax.naming.CommunicationException: [LDAP: error code 2 - Protocol
> Error]
>
> When a call is made to construct InitialDirContext with following
> settings -
>
> {java.naming.provider.url=ldap://ldapserver.ibm.com:389,
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
> java.naming.security.principal=uid=1234567,c=us,ou=ldapserver,o=ibm.com,
> java.naming.security.authentication=DIGEST-MD5 GSSAPI,
> java.naming.security.credentials=password,
> java.naming.referral=follow,
> java.naming.ldap.attributes.binary=objectGUID}
>
Can you also attach the jboss log and engine log? (assuming you are testing it in the
ovirt-engine environment).
They can be helpful, as it might be related to some class loading issue or something
similar, and the log might shed light on that.
> Do you know what could be going wrong here? I think its
something
> wrong
> with my usage and not in code.
>
> What test cases were run to verify RedHat DS support? I can try to
> run
> the same for IBM DS before posting the patch.
>
Hard to tell what went wrong there. I'll try to take a look a bit on
the web (as I assume you did but I guess it can't hurt).
As for RHDS, most tests were done manually:
* Adding users/groups
* Authentication
* Group membership
* Adding / removing / editing RHDS domain with the
engine-manage-domains utility.
* Refresh users/groups.
* Search for users/groups
That's basically the main scenarios.
We have an LdapTester as well. The problem there was to setup the
environment needed for the testing.
It contains test cases for AD/IPA.
Oved
> Thanks
> Sharad Mishra
> IBM
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users