Details
Description
- Configure CB Server with LDAP and also with ldap group support
- Configure with ldap group and assign it a admin role
- Add a user to ldap group
- Now login via the ldap user.
- Now login via "Administrator"
Logs show:
[ns_server:debug,2019-01-10T01:32:45.214-08:00,ns_1@127.0.0.1:<0.25671.0>:ldap_util:with_connection:31]Connected to LDAP server
[ns_server:debug,2019-01-10T01:32:45.519-08:00,ns_1@127.0.0.1:<0.25671.0>:ldap_util:with_authenticated_connection:61]Bind for dn "<ud>cn=Administrator,ou=Users,dc=couchbase,dc=com</ud>":
{error, invalidCredentials}[ns_server:debug,2019-01-10T01:32:45.519-08:00,ns_1@127.0.0.1:ns_audit<0.392.0>:ns_audit:handle_call:114]Audit login_failure: [{real_userid,{[
{domain,rejected},{user,<<"<ud>Administrator</ud>">>}]}},
{remote,{[{ip,<<"10.112.180.1">>},\{port,52648}]}},
{timestamp,<<"2019-01-10T01:32:45.519-08:00">>}]
[ns_server:debug,2019-01-10T01:32:55.006-08:00,ns_1@127.0.0.1:ns_audit<0.392.0>:ns_audit:handle_call:114]Audit login_failure: [{real_userid,{[{domain,rejected}
,
{user,<<"<ud>Administrator</ud>">>}]}},
{remote,{[{ip,<<"10.112.180.1">>},\{port,52648}]}},
{timestamp,<<"2019-01-10T01:32:55.006-08:00">>}]
Now wait for few seconds and refresh the browser and then try to login again. This time it is 'Administrator' as builtin user.
[ns_server:debug,2019-01-10T01:33:04.541-08:00,ns_1@127.0.0.1:ns_audit<0.392.0>:ns_audit:handle_call:114]Audit login_success: [{roles,[<<"admin">>]},
{real_userid,{[{domain,builtin},
{user,<<"<ud>Administrator</ud>">>}
]}},
{sessionid,<<"01ee24aa72430d20cad09f394fd88294">>}
,
{remote,{[
{ip,<<"10.112.180.1">>},{port,52648}]}},
{timestamp,<<"2019-01-10T01:33:04.541-08:00">>}
]