vmware-tanzu-labs/cf-mgmt

I can't connect with LDAP

ulrichnansi opened this issue · 2 comments

Hello,

I'm trying to connect with LDAP. I have this error:
error: cannot bind with sTasCfmgmt: unable to read LDAP response packet: read tcp 10.254.4.186:47404->10.211.196.85:636: read: connection reset by peer

I have tested my credentials in LDAP Browser. They worked fine.

This is my vars.yml file:

```yaml
# your git repo uri
git_repo_uri: ((repo))
git_repo_branch: master

# your cf system domain
system_domain: ((system-domain))

# user account with permission to create orgs/spaces
user_id: "cf-mgmt"

# DEPRECATED - Use client_secret - password of user account with permission to create orgs/spaces
password: ""

# client secret for uaa for user_id
client_secret: ((cf-mgmt-client-secret))

# logging level for cf-mgmt commands in the pipeline
log_level: DEBUG

# time interval to trigger update/delete jobs on
time-trigger: 50m

# configuration directory
config_dir: config-repo

# allow specifying ldap server in pipeline vs in ldap.yml only needed if using LDAP
ldap_server: ((ldap-server))

# allow specifying ldap bind user in pipeline vs in ldap.yml only needed if using LDAP
ldap_user: sTasCfmgmt

# password to bind to ldap - only needed if using LDAP
ldap_password: ((cfmgmt-pass))
```

Below is the ldap.yml file:
enabled: true
ldapHost: xxx
ldapPort: 636
use_tls: true
bindDN: uid=xxx,ou=Utilisateurs
userSearchBase: ou=Utilisateurs,ou=xxxx,dc=mvt,dc=xxxx,dc=dev
userNameAttribute: sTasCfmgmt
userMailAttribute: xxx@xxx.com
userObjectClass: top,person,organizationalPerson,user
groupSearchBase: ou=Groupes,ou=xxx,dc=mvt,dc=xxx,dc=dev
groupAttribute: member
groupObjectClass: top, person
origin: ldap
insecure_skip_verify: true
ca_cert: |
useIDForSAMLUser: false
minTLSVersion: 1.0
maxTLSVersion: 1.3

Please, can you help me?
Thanks

We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.

The labels on this github issue will be updated when the story is started.

It's now OK. This issue occurs with version < 1.0.50. I changed the cf-mgmt version and it's now OK.