[stork-users] Stork Server LDAP hook loading but not functioning

Donald Birtch donald.birtch at sickkids.ca
Mon Oct 28 16:54:01 UTC 2024 

Hi All,

  I have been stumped with getting the Stork Server LDAP hook working.  Maybe someone can see a glaring issue with my configuration or have some additional things to troubleshoot the issue.  I see no logs relating to LDAP.  Here are the installed packages:

hi  isc-stork-server                       1.19.0.240927162608                     amd64        ISC Stork Server
hi  isc-stork-server-hook-ldap             1.19.0.240927162031                     amd64        ISC Stork server ldap hook

The LDAP hook appears to be loaded:

# lsof -p $(pgrep stork-server) | grep stork-server-ldap.so
stork-ser 409743 stork-server  mem       REG              253,0 12268368 16789136 /usr/lib/stork-server/hooks/stork-server-ldap.so

Here are the server.env entries that I added based on the "stork-server -help" output:

STORK_SERVER_HOOK_LDAP_URL=ldaps://ldap-server
STORK_SERVER_HOOK_LDAP_SKIP_SERVER_TLS_VERIFICATION=true
STORK_SERVER_HOOK_LDAP_BIND_USERDN=uid=username,ou=users,dc=server,dc=local
STORK_SERVER_HOOK_LDAP_BIND_PASSWORD=password123
STORK_SERVER_HOOK_LDAP_ROOT=dc=server,dc=local
STORK_SERVER_HOOK_LDAP_DEBUG=true
STORK_SERVER_HOOK_LDAP_MAP_GROUPS=true
STORK_SERVER_HOOK_LDAP_GROUP_ALLOW=admins
STORK_SERVER_HOOK_LDAP_GROUP_ADMIN=admins
STORK_SERVER_HOOK_LDAP_GROUP_SUPER_ADMIN=admins
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER=inetOrgPerson
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_ID=uid
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_EMAIL=mail
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_LAST_NAME=sn
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_FIRST_NAME=displayName
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP=posixGroup
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP_COMMON_NAME=cn
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP_MEMBER=memberUid

Any help is appreciated.

Cheers,
Don


________________________________

This e-mail may contain confidential, personal and/or health information(information which may be subject to legal restrictions on use, retention and/or disclosure) for the sole use of the intended recipient. Any review or distribution by anyone other than the person for whom it was originally intended is strictly prohibited. If you have received this e-mail in error, please contact the sender and delete all copies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/stork-users/attachments/20241028/ced5377a/attachment.htm>

More information about the Stork-users mailing list