> -----Original Message----- > > From: Rob Crittenden <[email protected]> > To: Jonathan J. Ramirez C. <[email protected]> > Cc: [email protected] > Subject: Re: [Freeipa-users] OC and FreeIPA > Date: Thu, 17 Jul 2014 10:33:50 -0400 > > > Jonathan J. Ramirez C. wrote: > > -----Original Message----- > > *From*: Rob Crittenden <[email protected] > > <mailto:rob%20crittenden%20%[email protected]%3e>> > > *To*: Jonathan J. Ramirez C. <[email protected] > > <mailto:%22jonathan%20j.%20ramirez%20c.%22%20%[email protected]%3e>>, > > [email protected] <mailto:[email protected]> > > *Subject*: Re: [Freeipa-users] OC and FreeIPA > > *Date*: Wed, 16 Jul 2014 14:12:34 -0400 > > > > Jonathan J. Ramirez C. wrote: > >> Hi. > >> > >> Does anybody here know how to properly set up ownCloud 6.0.4 to work > >> with FreeIPA 3.3.5? I keep getting these messages when trying to logon > >> to OC with a created account in FreeIPA. > >> > >> Here's a sample: > >> > >> ownCloud[2182]: {user_ldap} initializing paged search for > >> FilterobjectClass=* base Array ([0] => > >> uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com) attr ipauniqueid limit > >> 99999 offset 0 > >> ownCloud[2182]: {user_ldap} Ready for a paged search > >> ownCloud[2182]: {user_ldap} Requested attribute ipauniqueid not found > >> for uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com > >> ownCloud[2182]: {user_ldap} Could not autodetect the UUID attribute > >> ownCloud[2182]: {user_ldap} Cannot determine UUID for > >> uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com. Skipping. > >> ownCloud[2182]: {core} Login failed: user 'jonram' , wrong password, > >> IP:set log_authfailip=true in conf > >> > >> I'm really new to OC and IPA so I don't know where to poke to make it > >> work. I'll much appreciate any hint. > > > > > >> I've never dealt with OC before but I scanned the LDAP docs quickly. > >> > >> You will want to set separate user and group base DNs. It is using the > >> compat tree and that is likely the wrong thing in this case. > >> > >> Users: cn=users,cn=accounts,dc=mydomain,dc=com > >> Groups: cn=groups,cn=accounts,dc=mydomain,dc=com > >> > >> That will fix the UUID issue at least. > >> > >> Have you set a password for this user account, and have you > >> authenticated with it yet? IPA marks all administratively set passwords > >> as expired, so you need to authenticate and change the password before > >> it is generally usable. > >> > >> IPA uses memberOf for its grouping in case you need to specify it. > >> > >> rob > > > > Thank you very much Rob. > > > > The use of separate user and group DNs gave me the clue to what I had to > > add in the OC LDAP settings. > > Great news. If you have the time and inclination I'd encourage you to > consider writing up a short how-to on our wiki at > http://www.freeipa.org/page/HowTos > > regards > > rob >
I will do that. As soon as I wrap it all up, I'll write a short tutorial. Again, thanks.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
