← Back to team overview

dhis2-devs team mailing list archive

Re: LDAP configuration

 

Hi All,

I can confirm that I have it working with ldap v3 (turned on for Active Directory) on a test and production instance for a client. One thing that you’ll have to do is make sure the users don’t have a valid encrypted password, because it will try this first so I used the query

UPDATE users SET password = 'ldapuser' WHERE ldapid IS NOT null;

Dan Cocos
Principal, BAO Systems
 dcocos@xxxxxxxxxxxxxx | http://www.baosystems.com |  2900 K Street, Suite 404, Washington D.C. 20007




> On Jul 13, 2016, at 12:07 PM, Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:
> 
> Hi Lars
> 
> I just tried this but also don't see anything in the log file on startup.  Using configuration from https://dhis2.github.io/dhis2-docs/2.23/en/implementer/html/ch08s05.html.
> 
> Do you know does anyone have this working who can confirm for Chameera.
> 
> Bob
> 
> On 10 June 2016 at 12:26, Lars Helge Øverland <lars@xxxxxxxxx> wrote:
> Hi Chameera,
> 
> can you tell us the output of the tomcat log which is produced while you attempt to log in?
> 
> Also, during startup, the system will output "LDAP configuration enabled" or something like that to the Tomcat log if in fact detected.
> 
> regards,
> 
> Lars
> 
> 
> 
> 
> On Fri, Jun 10, 2016 at 1:05 PM, Chameera Mirihella <chameera9019@xxxxxxxxx> wrote:
> Hi Team,
> 
> I'm trying to configure a dhis instance against a LDAP server for authentication.
> 
> attached is my dhis.conf file with ldap parameters.
> 
> after ldap configuration when I access the login page it is just the usual login interface (I expected something different like when we configured openid) and I have no clue whether it is connected to the ldap server.
> 
> but one thing I noticed, it use local db for authentication.
> 
> I checked the ldap parameters using a ldap client browser and I am 99% sure about the parameters I have provided in dhis.conf
> 
> Is there anything i am missing, can someone please help..?
> 
> <ldap-config.png>
> 
> Thanks,
> Chameera.
> 
> On Wed, Jun 8, 2016 at 6:09 PM Chameera Mirihella <chameera9019@xxxxxxxxx> wrote:
> Thanks Bob, I understand, I will look into that.
> 
> Thanks again
> Chameera.
> 
> 
> On Wed, Jun 8, 2016 at 1:48 PM Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:
> That ldap.url looks like the http url of your php ldap frontend web application.  You need to point it at the running ldap service not the php web interface.
> 
> On 8 June 2016 at 07:00, Chameera Mirihella <chameera9019@xxxxxxxxx> wrote:
> Hi Team,
> 
> I am trying to configure a dhis instance against a LDAP server for authentication.
> 
> I followed this doc.
> http://dhis2.github.io/dhis2-docs/2.23/en/implementer/html/dhis2_implementation_guide_en_full.html#d4040e1283
> 
> LDAP server is installed in another ubuntu machine in the same network.
> 
> https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-a-basic-ldap-server-on-an-ubuntu-12-04-vps
> 
> after configure dhis.conf file when restart tomcat it gives an error.
> 
> here I attached the dhis.conf and tomcat command prompt.
> 
> dhis instance :- 2.23
> 
> please let me know anything I am missing here.
> 
> <ldap-config.png>
> 
> <ldap-tomcat error.png>
> 
> Thanks,
> Chameera.
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help   : https://help.launchpad.net/ListHelp
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help   : https://help.launchpad.net/ListHelp
> 
> 
> 
> 
> -- 
> Lars Helge Øverland
> Lead developer, DHIS 2
> University of Oslo
> Skype: larshelgeoverland
> lars@xxxxxxxxx
> http://www.dhis2.org
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help   : https://help.launchpad.net/ListHelp



Follow ups

References