vCloud

  • 1.  Cloud Director LDAP integration with OpenLDAP server

    Posted Dec 12, 2024 05:08 PM

    Hello,

    I am trying to synchronize Cloud Director LDAP with the OpenLDAP server to import users into the VMware Cloud Director portal. The versions are:

    • Cloud Director 10.5.1
    • OpenLDAP 20446

    The only documentation I can find is from 2021 and it is quite insufficient - Configure, Test, and Synchronize an LDAP Connection

    The situation is as follows:

    VCD LDAP successfully connects to the OpenLDAP server, but every time I test the connection, it reports an issue with the LDAP attributes.

    It seems like a mapping issue between LDAP and VCD. I modified and changed the values of the VCD LDAP attributes and group attributes multiple times, but the issue still persists. Currently, they look like this:

    I am confident that they are correct because I previously retrieved the parameters from the OpenLDAP server using
    ldapsearch -x -H ldap://ldap.DOMAIN.com:389

    Let someone who has already integrated VCD LDAP with OpenLDAP share their opinion.



  • 2.  RE: Cloud Director LDAP integration with OpenLDAP server

    Posted May 08, 2025 03:48 PM

    In my LDAP I have a testuser in a testgroup.

    When I execute an ldapsearch on testuser I get

    dn: uid=testuser,ou=users,[CUT]
    uid: testuser
    mail: testuser@example.com
    givenName: Test
    cn: Test User
    sn: User
    objectClass: inetOrgPerson
    objectClass: organizationalPerson
    objectClass: person
    objectClass: top
    userPassword:: cHJvdmE=
    structuralObjectClass: inetOrgPerson
    entryUUID: aaae25e2-bf63-103f-9ad4-bbbbc760eadf
    creatorsName: cn=manager,[CUT]
    createTimestamp: 20250507075139Z
    displayName: Test User
    memberOf: cn=testgroup,ou= [CUT]
    pwdFailureTime: 20250507153828.062525Z
    pwdFailureTime: 20250507153839.810686Z
    pwdFailureTime: 20250507154002.155601Z
    telephoneNumber: 0801111111
    entryCSN: 20250508140537.074392Z#000000#001#000000
    modifyTimestamp: 20250508140537Z
    modifiersName: cn=manager,[CUT]
    entryDN: uid=testuser,ou=users,o=services,[CUT]
    subschemaSubentry: cn=Subschema
    hasSubordinates: FALSE
    

    When I execute an ldapsearch on testgroup I get

    dn: cn=testgroup,ou=[CUT]
    member: uid=testuser,ou=[CUT]
    objectClass: groupOfNames
    objectClass: top
    structuralObjectClass: groupOfNames
    entryUUID: aaa23748-bf90-103f-98f6-ccc4e33a4411
    creatorsName: cn=manager,[CUT]
    createTimestamp: 20250507131340Z
    cn: testgroup
    entryCSN: 20250508140913.063722Z#000000#001#000000
    modifiersName: cn=manager,[CUT]
    modifyTimestamp: 20250508140913Z
    entryDN: cn=testgroup,ou=[CUT]
    subschemaSubentry: cn=Subschema
    hasSubordinates: FALSE
    

    My LDAP configuration in VCD is

    User

    Group

    and what I get when I test it is 

    so everything seems to be ok in users but not in groups

    I hope this will help you to start your configuration and someone can help me to configure groups mapping




  • 3.  RE: Cloud Director LDAP integration with OpenLDAP server

    Posted May 22, 2025 06:47 AM

    Found the SOLUTION

    The Group membership identifier attribute of both the User Attributes and the Group Attributes must be set to dn
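
Why the setting in post 3 works, as an added example (not written by any poster and not VCD code): in a `groupOfNames` directory, `member` and `memberOf` hold full DNs, so an identifier of `uid` or `cn` never equals the stored value. The `resolve` function is a simplified model of that comparison, and `dc=example,dc=com` and `ou=groups` are placeholders for the DN parts elided in the thread.

```python
# Constructed entries modelled on the ldapsearch output in the thread.
# dc=example,dc=com and ou=groups are placeholders for the elided DN parts.
SAMPLE_LDIF = """\
dn: uid=testuser,ou=users,dc=example,dc=com
uid: testuser
objectClass: inetOrgPerson
memberOf: cn=testgroup,ou=groups,dc=example,dc=com

dn: cn=testgroup,ou=groups,dc=example,dc=com
cn: testgroup
objectClass: groupOfNames
member: uid=testuser,ou=users,dc=example,dc=com
"""

def parse_ldif(text):
    """Parse plain-text LDIF (no base64 values) into {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        # A line starting with one space continues the previous line.
        for line in block.replace("\n ", "").splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            attr, value = line.split(": ", 1)
            entry.setdefault(attr.lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def norm(value):
    """Lower-case and drop spaces around commas so equal DNs compare equal."""
    return ",".join(part.strip() for part in value.lower().split(","))

def resolve(references, candidates, identifier):
    """Return DNs of candidates whose `identifier` value is among `references`."""
    # Assumption: models matching a membership attribute against the identifier.
    wanted = {norm(v) for v in references}
    return [c["dn"][0] for c in candidates
            if any(norm(v) in wanted for v in c.get(identifier.lower(), []))]

def demo():
    user, group = parse_ldif(SAMPLE_LDIF)
    return {
        "user via dn": resolve(group["member"], [user], "dn"),
        "user via uid": resolve(group["member"], [user], "uid"),
        "group via dn": resolve(user["memberof"], [group], "dn"),
        "group via cn": resolve(user["memberof"], [group], "cn"),
    }

if __name__ == "__main__":
    for setting, found in demo().items():
        print(f"{setting}: {found or 'no match'}")
```

Only the two `dn` lookups return an entry; the `uid` and `cn` lookups return nothing, which corresponds to the failed group mapping reported in post 2.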