I successfully connect the CASino gems to Active Directory by using LDAP. But the problem is, I need to gather the data in AD that located in several folders. How can I do this?
In my cas.yml code I write like this
development:
<<: *defaults
frontend:
sso_name: AUTHENTICATION CENTER
authenticators:
my_company_ldap:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder1,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname
How I can connect to several folders in AD? I tried to write another base: inside it but it only read the newest base, I also tried to customized the value of cas.yml inside the controller, but I need to restart the server to apply the changes. Can I make the base: to read several folders not only UserFolder1?
I found it by myself.
The answer simply just adding a new configuration below that. That makes the config to access several folders in AD.
Here's the example of the implementations
development:
<<: *defaults
frontend:
sso_name: AUTHENTICATION CENTER
authenticators:
my_company_ldap1:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder1,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname
my_company_ldap2:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder2,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname
Related
I'm using this gem stated in the title: https://github.com/paypal/permissions-sdk-ruby
I got everything to work, but it seems the gem only has built-in methods that request basic and advanced user info. However, I need to get transaction/payment data. What's the best way to go about this?
Do I use the tokens to now make requests manually via HTTParty or such?
paypal.yml
test: &default
# Credentials for REST APIs
client_id: AZeKLB9rkwMumoPHGg_xG-sMOtEREDh3VeSP2cgbdorScFDkGBAoG2WQ0ZNtIgdKM6eaCfYqKmXzxDqS
client_secret: ELXfwfA4wGU_PEwjIiYllCvs7gQCYsaWyN_yzXux5XSrHv6ZxGEUasnSIHvkAZ4-rYXTcvC4Igy097xo
# Mode can be 'live' or 'sandbox'
mode: sandbox
# Credentials for Classic APIs
app_id: APP-80W284485P519543T
username: jb-us-seller_api1.paypal.com
password: WX4WTU3S8MY44S7F
signature: AFcWxV21C7fd0v3bYYYRCpSSRl31A7yDhhsPUU2XhtMoZXsWHFxu-RWy
# # With Certificate
# cert_path: "config/cert_key.pem"
sandbox_email_address: kolbywebdev-facilitator#gmail.com
# # IP Address
# ip_address: 127.0.0.1
# # HTTP Proxy
# http_proxy: http://proxy-ipaddress:3129/
development:
<<: *default
production:
<<: *default
mode: live
I need your help. In my app I'm using devise_ldap_authenticatable gem for Devise.
After configuring device.rb in initializers and ldap.yml still can't find records in LDAP I'm sure I should (I can find them via LDAP explorer using the same configuration and credentials). Can you please advice me, what I do wrong in my config, that I'm not searching properly. Which attribute should I change (it's not the problem with authentication but with finding records in LDAP).
My config:
authorizations: &AUTHORIZATIONS
##allow_unauthenticated_bind: false
##group_base: DC=zzz,DC=yyy,DC=xxx
#Requires config.ldap_check_group_membership in devise.rb be true
# Can have multiple values, must match all to be authorized
##required_groups:
# If only a group name is given, membership will be checked against "uniqueMember"
##- cn=admins,ou=groups,dc=zzz,dc=yyy,dc=xxx
##- cn=users,ou=groups,dc=zzz,dc=yyy,dc=xxx
# If an array is given, the first element will be the attribute to check against, the second the group name
##- ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
## Requires config.ldap_check_attributes in devise.rb to be true
## Can have multiple attributes and values, must match all to be authorized
##require_attribute:
##objectClass: inetOrgPerson
##authorizationRole: postsAdmin
## Environment
development:
host: host_name
port: 389
attribute: mail
base: DC=zzz,DC=yyy,DC=xxx
admin_user: user_name
admin_password: *******
ssl: false
In my log I can see:
LDAP: LDAP dn lookup: mail=login
LDAP: LDAP search for login: mail=login
LDAP: LDAP search yielded 0 matches
LDAP: Authorizing user mail=login,DC=xxx,DC=zzz,DC=yyy
LDAP: Not authorized because not authenticated.
Many thanks,
T
I'd like to create new root user in mongodb who has access to any database, any collection and perform all actions as root.
Below is my mongoid.yml file
development:
clients:
default:
database: mydb_development
hosts:
- localhost:27017
options:
user: rootuser
password: 12345
options:
raise_not_found_error: false
I read the documentation and I've created new rootuser
use admin
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});
It created the user successfully but with access to admin database only instead of to any database.
Mongo::Auth::Unauthorized (User rootuser is not authorized to access mydb_development.):
On the other hand when I'd like to add new root user being in mydb_developmentmyrootuser
use mydb_development
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});
I can't create new user and I get error:
Error: couldn't add user: No role named root#mydb_development :
So the question is : How to add new user with root privileges and be able to use it through mongoid.yml ?
MongoDB shell version: 3.2.10
You probably solved this by using the dbOwner role instead of root. The root role can only be used when you are on the admin db.
use admin;
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});
I am using Ruby 2.1.2 and Rails 4.1.1, I used devise and devise_ldap_authenticatable for authentication with ldap. I followed all the steps which mentioned in the below link
https://github.com/cschiewek/devise_ldap_authenticatable. when I am trying to login I got the following error
ldap.yml :-
development:
host: zeus.corp.ads.valuelabs.net
port: 389
attribute: samaccountname
base: DC=corp,DC=###,DC=####,DC=net
ssl: false
LDAP: LDAP dn lookup: cn=ykakarla
LDAP: LDAP search for login: cn=ykakarla
LDAP: LDAP search yielded 0 matches
LDAP: Authorizing user cn=ykakarla,DC=corp,DC=###,DC=####,DC=net
LDAP: Not authorized because not authenticated.
I found the issue and I changed my ldap.yml
development:
host: zeus.corp.ads.valuelabs.net
port: 389
attribute: cn
base: OU=USERS,OU=MOBILE TEAM,OU=PROJECTS,OU=#####, DC=corp,DC=####,DC=#####,DC=net
ssl: false
now when I am giving my cn i.e yaswanth kakarla, it's getting authenticated.
it is searching only top directory.but I need to search subtree also.
Any help.
Thanks
I have problem with seamless gem
development:
adapter: jdbcmysql
database: mydb_development
username: read_user
password: abc123
pool_adapter: jdbcmysql
port: 3306
master:
host: master-db.example.com
port: 6000
username: master_user
password: 567pass
read_pool:
- host: read-db-1.example.com
pool_weight: 2
- host: read-db-2.example.com
it should read for slave right [read-db-1.example.com] ? but it was weird.. it always read to master database [mydb_development] .
do you have any suggestion, how should i do to configure this gem for default read to slave database?
Thank you
Specify pool_weight=0 in the master configuration
By default, the master connection will be included in the read pool. If you would like to dedicate this connection only for write operations, you should set the pool weight to zero.
seam_leass_database_pool plugin