Project

General

Profile

Tâche #20065

Scénario #19197: Tester le fonctionnement EOLE AD avec Seth

Proposer le choix entre ldap et ldaps pour la réplication LSC

Added by Joël Cuissinat over 6 years ago. Updated over 6 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Joël Cuissinat
Target version:
sprint 2017 13-15 Equipe MENSR
Start date:
02/16/2017
Due date:
% Done:

100%

Estimated time:
4.00 h
Spent time:
4.00 h
Remaining (hours):
0.0

Description

Ajouter une variable et le code associé

Associated revisions

Revision 367495b2 (diff)
Added by Joël Cuissinat over 6 years ago

Choix entre ldap et ldaps pour la réplication LSC

  • dicos/26_eolead.xml : nouvelle variable "ad_ldaps"
  • tmpl/lsc.xml : construction de l'URL LDAP en fonction de la variable

Ref: #20065

History

#1 Updated by Joël Cuissinat over 6 years ago

  • Status changed from Nouveau to En cours

#2 Updated by Joël Cuissinat over 6 years ago

  • Assigned To set to Joël Cuissinat
  • Remaining (hours) changed from 4.0 to 2.0

#3 Updated by Joël Cuissinat over 6 years ago

  • % Done changed from 0 to 80
  • Remaining (hours) changed from 2.0 to 1.0

TODO : documenter l'intégration de la CA dans le keystore standard de la JVM...

#4 Updated by Scrum Master over 6 years ago

  • Status changed from En cours to Résolu

#5 Updated by Gérald Schwartzmann over 6 years ago

En LDAPS

root@scribe:~# lsc -f /etc/lsc -s all -t1
avr. 12 09:27:31 - INFO  - Logging configuration successfully loaded from /etc/lsc/logback.xml 
avr. 12 09:27:31 - INFO  - LSC configuration successfully loaded from /etc/lsc/
avr. 12 09:27:31 - INFO  - Connecting to LDAP server ldaps://seth1.etb1.lan:636/DC=etb1,DC=lan as CN=Administrator,CN=Users,DC=etb1,DC=lan
avr. 12 09:27:32 - INFO  - Connecting to LDAP server ldap://localhost:389/o=gouv,c=fr as cn=admin,o=gouv,c=fr
avr. 12 09:27:32 - INFO  - Starting sync for groups
avr. 12 09:27:33 - ERROR - There is no future associated with operation message ID 18, perhaps the operation would have been completed
avr. 12 09:27:33 - ERROR - There is no future associated with operation message ID 18, perhaps the operation would have been completed
avr. 12 09:27:33 - ERROR - There is no future associated with operation message ID 41, perhaps the operation would have been completed
avr. 12 09:27:33 - ERROR - There is no future associated with operation message ID 41, perhaps the operation would have been completed
avr. 12 09:27:33 - INFO  - All entries: 51, to modify entries: 0, successfully modified entries: 0, errors: 0
avr. 12 09:27:33 - INFO  - Starting sync for users
avr. 12 09:27:35 - INFO  - All entries: 62, to modify entries: 0, successfully modified entries: 0, errors: 0
root@scribe:~# 
root@scribe:~# 
root@scribe:~#

En LDAP après changement de la valeur de la variable et reconfigure.

Start System V service lsc                                                                                                                            [  KO  ]
Service lsc in root not started: lsc: [INFO] Using /etc/default/lsc for configuration
lsc: [INFO] Launching LSC configuration test...
lsc: [OK] LSC configuration test successful
lsc: [INFO] Launching LSC...
lsc: [OK] Using LSC JMX port 1099
lsc: [INFO] Waiting 1s for LSC java process to launch
lsc: [OK] Register LSC PID 13603
lsc: [ALERT] LSC not running

root@scribe:~# lsc -f /etc/lsc -s all -t1
avr. 12 09:32:08 - INFO  - Logging configuration successfully loaded from /etc/lsc/logback.xml 
avr. 12 09:32:08 - INFO  - LSC configuration successfully loaded from /etc/lsc/
avr. 12 09:32:08 - INFO  - Connecting to LDAP server ldap://seth1.etb1.lan/DC=etb1,DC=lan as CN=Administrator,CN=Users,DC=etb1,DC=lan
avr. 12 09:32:08 - ERROR - Error opening the LDAP connection to the destination! (javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - BindSimple: Transport encryption required.])
avr. 12 09:32:08 - ERROR - org.lsc.exception.LscConfigurationException: Configuration exception: javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - BindSimple: Transport encryption required.]
root@scribe:~#

root@scribe:~# service lsc restart
lsc: [INFO] Using /etc/default/lsc for configuration
lsc: [INFO] Launching LSC configuration test...
lsc: [OK] LSC configuration test successful
lsc: [OK] LSC is already stopped
lsc: [INFO] Launching LSC...
lsc: [OK] Using LSC JMX port 1099
lsc: [INFO] Waiting 1s for LSC java process to launch
lsc: [OK] Register LSC PID 15039
lsc: [ALERT] LSC not running
root@scribe:~# 

ATTENTION : plusieurs sambaDomainName détectés !
Des dysfonctionnements sont possibles sur ce serveur

.             Ticket kerberos => Ok
.         Synchronisation LSC => Erreur
.                DNS 10.1.3.6 => Erreur

#6 Updated by Gérald Schwartzmann over 6 years ago

  • % Done changed from 80 to 100

#7 Updated by Gérald Schwartzmann over 6 years ago

  • Remaining (hours) changed from 1.0 to 0.0

#8 Updated by Gérald Schwartzmann over 6 years ago

  • Status changed from Résolu to Fermé

Also available in: Atom PDF