Sonar 4.1.1 with LDAP 1.4 Configuration - active-directory

I am trying to configure the Sonar with windows Active directory. I am getting the below error.
ERROR [rails] Error from external users provider: Unable to retrieve details for user xxx.xxx in
The below configurations are done in sonar.property file
# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
ldap.authentication: simple
sonar.security.savePassword=true
sonar.authenticator.createUsers=true
ldap.url=ldap://xxxx.group.root.ad
# User Configuration
ldap.user.baseDn=OU=Users,OU=Customs,OU=Group,dc=group,dc=root,dc=ad
ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
# Group Configuration
ldap.group.baseDn=OU=Customs,OU=Group,dc=group,dc=root,dc=ad
#ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid}))
ldap.group.request=((objectClass=group)(member={dn}))
anybody have an idea to fix the issue in sonar.
Regards
Arun.

I had similar issue with LDAP 2.1 on SonarQube 5.6 (LTS)
tl'dr
This format of ldap.user.request worked for me -
ldap.user.request=(uid={login})
If you are still reading ...
Here are some things that helped me resolving the issue
sonar.log :
Turn the DEBUG ON and look for the actual ldap search query thats getting build and the ldap context.
2017.03.14 00:35:04 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=dc=test,dc=com, scope=subtree, request=(&(objectClass=inetOrgPerson)(uid={0})), parameters=[harvey], attributes=[mail, cn]}
2017.03.14 00:35:04 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://ldap.test.com, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=uid=user,ou=People,dc=test,dc=com, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.referral=follow}
ldapsearch :
Run lapsearch command with same parameters from the logs (step #1)
$ldapsearch -x -L -D"uid=user,ou=People,dc=test,dc=com" -w"pass" -b"ou=People,dc=test,dc=com" "(uid=harvey)" mail cn
sonar.properties -
here is my working LDAP configuration
#General Configuration
sonar.security.realm=LDAP
ldap.url=ldaps://ldap.test.com
ldap.bindDn=uid=user,ou=People,dc=test,dc=com
ldap.bindPassword=pass
#User Configuration
ldap.user.baseDn=ou=People,dc=test,dc=com
ldap.user.request=(uid={login})
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
#Group Configuration
ldap.group.baseDn=ou=Group,dc=test,dc=com
ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid}))
ldap.user.request & ldap.group.request
From the step #1 you could find out whats the correct format for query filter parameter in your case and values for bindDn (-D) and baseDn _-b)
Hope this helps =)
Thanks!

I've just encountered a similar error in Sonar 5.1.1. Here's how I solved it:
The Base DN is incorrect for use with an AD server. This worked for me:
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
Anonymous authentication to an AD server apparently doesn't work with Sonar's LDAP plugin (this assumption is supported by the documentation which specifies anonymous authentication against an AD server as "untested"). You'll need to specify a Bind DN (here meaning a user) for connecting with the AD server:
ldap.bindDn=<user>#<domain>
ldap.bindPassword=secret

Related

cURL error 60: SSL: no alternative certificate subject name matches target host name. Inter-project communication

So I'm still in the process of updating a Drupal 7 site to 8 using drush and ddev.
After running the import, I get an error with upgrade_d7_file.
I've tried to install a certificate using this article:
https://www.ddev.com/ddev-local/ddev-local-trusted-https-certificates/
However still get the error, any ideas?
ddev exec drush migrate-import --all
ddev exec drush mmsg upgrade_d7_file
cURL error 60: SSL: no alternative certificate subject name matches target host name
'drupal7migration2.ddev.site'
(see https://curl.haxx.se/libcurl/c/libcurl-errors.html)
(https://drupal7migration2.ddev.site//sites/default/files/Virtual%20Challenges%20%28Results%20and%2
0PBs%29%2020200709.xlsx)
When you want one DDEV-Local project to talk to another using https, curl on the client side has to trust the server side that you're talking to. There are two ways to do this:
(built-in, no changes needed): Use ddev-<projectname>-web (the container name) as the target hostname in the URL. For example in your case, use curl https://ddev-drupal7migration2-web. This hostname is already trusted among various ddev projects.
(requires docker-compose.*.yaml): If you want to use the real full FQDN of the target project (https://drupal7migration2.ddev.site in your case) then you'll need to add that as an external_link in the client project's .ddev. So add a file named .ddev/docker-compose.external_links.yaml in the client side (migration1?) project, with these contents:
version: '3.6'
services:
web:
external_links:
- "ddev-router:drupal7migration2.ddev.site"
That will tell Docker to route requests to "drupal7migration2.ddev.site" to the ddev-router, and your container and curl trust it (it has that name in its cert list).

How to authenticate to Apache Guacamole using Active Directory authentication by LDAP?

After I configured the configuration below, it doesn't connect to the Active Directory. I can't login with a account of the Active Directory. What could be the problem?
I have a Ubuntu server 18.04 with Apache Guacamole v1.0.0. installed. I want to use LDAP-authentication to authenticate users. I have downloaded the guacamole-auth-ldap-1.0.0.jar and jldap-4.3.jar extensions.
ldap-hostname: 10.10.10.21, 10.10.10.22
ldap-port: 389
ldap-user-base-dn: OU=Users,DC=zoz,DC=lan
ldap-username-attribute: CN
ldap-config-base-dn: OU=Users,DC=zoz,DC=lan
ldap-encryption-method: none
I expect it should connect to the domain controller. But when I use the command "ldapsearch" it gives me the error that it can't contact the LDAP-server.
Please try this
ldap-hostname:
ldap-port:
ldap-username-attribute: sAMAccountName
ldap-encryption-method: none
ldap-search-bind-dn: binduser#domain.com
ldap-search-bind-password: password
ldap-config-base-dn: dc=domain,dc=local
ldap-user-base-dn: OU=myou,DC=domain,DC=local
ldap-user-search-filter:(objectClass=user)(!(objectCategory=computer))
ldap-max-search-results:400
Restart Tomcat and gucad

Connect to MSSQL from Spring boot application using windows authentication

I am currently using the below properties to connect to a remotely Mssql server from Java spring boot application:
spring.datasource.url=jdbc:sqlserver://ip\\domain;databaseName=name
spring.datasource.username=abc
spring.datasource.password=def
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
The application runs from both windows and unix servers. I need now to start using the windows authentication instead of the db credentials. This is already configured and supported from MSSQL side. From Java spring boot this is not working. I tried to add to the url: integratedSecurity=true it said it cannot find a dll. I added sqljdbc_auth.dll to java jre bin folder and it didnt work.
I'm working on MS SQL Server 2016, Hibernate 5.3.7.Final and Spring bot 2.2.0. For me, adding this line to properties worked: (without jtds!)
spring.datasource.url=jdbc:servername;databasename=your_db_name;integratedSecurity=true
You may also need these properties:
spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.SQLServer2012Dialect
And if you encounter a problem with "no sqljdbc_auth in java.library.path".
You may refer to this answer no sqljdbc_auth.
Try use jtds driver, and in apllication properties use:
app.datasource.youraplication.jdbcUrl=jdbc:jtds:sqlserver://yourBdHost/yourSchemaBd;domain=yourDomain
Download the drivers from:
https://learn.microsoft.com/en-us/sql/connect/jdbc/download-microsoft-jdbc-driver-for-sql-server?view=sql-server-2017
Add the jar to your project Right Click on project - > Build Path -> Configure Build Path - > Libraries -> Add External JARs
Add "integratedSecurity=true" to your connection string and remove username and password

Configuring a Postgresql connection with Play 2 and Slick-Play

I'm learning how to build an application using Scala and the Play 2 Framemork. I`ve created a new project using the activator tool, based on "play-scala-intro" current template.
The template have a sample app using the Play-Slick 1.0 for managing dependencies and is configured with a H2 DB, that worked without problems.
When I tried to change to a Postgres DB, I'm running in trouble. I get an error 500, telling me:
"Cannot connect to database [default]".
In the stack trace, the exception is:
"Configured Slick driver org.postgresql.Driver is not an instance of
requested profile slick.profile.BasicProfile"
So... What I already did:
I added to my build.sbt file the dependency:
"org.postgresql" % "postgresql" % "9.4-1201-jdbc41"
In my configuration file (application.conf), the DB connection is configured as:
slick.dbs.default.driver=org.postgresql.Driver
slick.dbs.default.db.url="jdbc:postgresql://localhost:5432/hello_play"
slick.dbs.default.db.user="postgres" slick.dbs.default.db.password=""
PS: I've tried with slick.dbs.default.driver="org.postgresql.Driver" too...
PS2: My db password is empty. I'm connecting with PgAdmin without problems
slick.dbs.default.driver must be a slick driver, not a JDBC driver. Your db config should look something like this:
slick.dbs.default.driver="slick.driver.PostgresDriver$"
slick.dbs.default.db.driver="org.postgresql.Driver"
slick.dbs.default.db.url="jdbc:postgresql://localhost:5432/hello_play"
slick.dbs.default.db.user="postgres"
slick.dbs.default.db.password=""

DSpace error with oai import

After configuring my DSpace server, its working correctly but when I look at the OAI identify page (http://repositorio.puce.edu.ec/oai/request?verb=Identify) so we can be harvested, it says that the repository is localhost instead of my URL. I investigated and found out that to update this, I have to run this command: dspace/bin/dspace oai import -c but when I run that command is gives me the following error: Solr server (http://repositorio.puce.edu.ec/solr/oai) is down, turn it on.
I can see the Solr Admin (it can't be seen from the outside because of security reasons) so I don't know what should be turned on or how to do it?
Thanks for the help.
I encountered this error in the past.
Looking at my oai.cfg file, I used localhost for some settings and my public URL for others.
solr.url=http://localhost/solr/oai
# OAI persistent identifier prefix.
# Format - oai:PREFIX:HANDLE
identifier.prefix = repository.library.georgetown.edu
# Base url for bitstreams
bitstream.baseUrl = https://repository.library.georgetown.edu
If you need to make a config change, be sure to clear the cache after restarting service.

Resources