Fresh install using CentOS7-Nginx Doc
When i try to add a token on the GUI i cannot get a dropped down menu of user(s). Which gives me an error if i try to create anyways.
At first i thought it was because there were only one user that had logged in but i logged in as a dummy user and still not drop down list of users to select.
I am authentication with ldap.
[root@ussrv010 librenms]# ./validate.php
====================================
Component | Version
--------- | -------
LibreNMS | 1.37-99-g7ed7885
DB Schema | 247
PHP | 7.2.2
MySQL | 5.5.56-MariaDB
RRDTool | 1.4.8
SNMP | NET-SNMP 5.7.2
====================================
[OK] Composer Version: 1.6.3
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database schema correct
Using Google Chrome Browser
Any input will be appreciated.
Thanks!
dave
Using Microsoft Edge Browser:
I know it’s fashionable to have a downer on Edge - but it really does suffer on both sides - if you’re an MS superfan, Edge does not work with (MS) Sharepoint… on the other side it appears not to support standards too well either (depending on the exact version you have)
Try using a current version of Firefox or Chrome (or Safari, or some other properly standards-compliant browser).
Thank you for the reply @ManOfLard
As you can see on the first post i was using Google Chrome. And yes ive used firefox as well and same result.
Anywhere else to look?
Thanks
Googling around i found this issue on github
Wish that was my solution. I’ve always had a bind user:
$config['auth_ldap_binddn'] = 'cn=authuser,dc=datacom,dc=net';
$config['auth_ldap_bindpassword'] = 'password';
Even still, I experience same issue as person who reported it I guess the difference with him is that im using ldap and he is using AD which is essentially ldap…
I had similar issues in trying to get API tokens to work with LDAP. Here’s what I landed on that is working of us.
# Active Directory Authentication
$config['auth_mechanism'] = "active_directory";
$config['auth_ad_url'] = "ldaps://172.16.0.X";
$config['auth_ad_check_certificates'] = 0; // or 1
$config['auth_ad_domain'] = "example.com";
$config['auth_ad_base_dn'] = "DC=internal,DC=example,DC=com";
$config['auth_ad_binduser'] = "serviceuser";
$config['auth_ad_bindpassword'] = "complexpassword";
$config['auth_ldap_cache_ttl'] = 300;
// lvl 10 admin, lvl 5 readonly, lvl 0 only explicit access
$config['auth_ad_groups']['Group NMS Admins']['level'] = 10;
https://docs.librenms.org/#Extensions/Authentication/#active-directory-authentication
Thank you for the reply! @7roxel
I can see you are using AD settings. Im using openldap so using the ldap settings:
https://docs.librenms.org/#Extensions/Authentication/#ldap-authentication
// LDAP Authentication
$config['auth_mechanism'] = "ldap"; # default, other options: ldap, http-auth
unset($config['auth_ldap_group']);
unset($config['auth_ldap_groups']);
$config['auth_ldap_binddn'] = 'cn=authuser,dc=datacom,dc=net';
$config['auth_ldap_bindpassword'] = 'password';
$config['auth_ldap_version'] = 3; # v2 or v3
$config['auth_ldap_server'] = "ldap://srv1 ldap://srv2 ldap://srv3";
$config['auth_ldap_port'] = 389;
$config['auth_ldap_prefix'] = "uid=";
$config['auth_ldap_suffix'] = ",ou=People,dc=datacom,dc=net";
$config['auth_ldap_group'] = "cn=librenms,ou=Group,dc=datacom,dc=net";
$config['auth_ldap_groupbase'] = "ou=Group,dc=datacom,dc=net";
$config['auth_ldap_groups']['librenms']['level'] = 10;
$config['auth_ldap_groupmemberattr'] = "memberUid";
$config['auth_ldap_emailattr'] = "mail";
Thanks to PR i can now see my user drop down list
Summary is we accepted a change to improve the speed of listing all users, but some ldap servers don’t have memberOf enabled. So for those, we try the fast way, then revert to the slow way.
If you want to enable the fast lookup:
https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance