StrongKey / fido2

Open-source FIDO server, featuring the FIDO2 standard. https://demo4.strongkey.com/getstarted/#/openapi/fido


FIDO docker external LDAP connection fail

prathapcoder opened this issue · comments

**LDAP connection fails due to IP address not changing**

base64-input.sh:
LDAP_URLPORT='ldap://192.168.226.129:1389'
LDAP_TYPE='LDAP'
LDAP_BINDDN='cn=Directory Manager'

**server.log:**
ldape.cfg.property.service.ce.ldap.ldapurl: ldap://localhost:1389
It is taking the default localhost instead of the given IP 192.168.226.129.

Please resolve my issue.
Thank you.

Hi @prathapcoder,
Could you take a look at the ldape.cfg.property.service.ce.ldap.ldapurl property in your /usr/local/strongkey/skce/etc/skce-configuration.properties file?
The value of that property should be changed in the entrypoint script, but if it is set to localhost then something may have gone wrong when running the entrypoint script during container creation.

> Hi @prathapcoder,
> Could you take a look at the ldape.cfg.property.service.ce.ldap.ldapurl property in your /usr/local/strongkey/skce/etc/skce-configuration.properties file?
> The value of that property should be changed in the entrypoint script, but if it is set to localhost then something may have gone wrong when running the entrypoint script during container creation.

The skce-configuration.properties file is not created in this location (/usr/local/strongkey/skce/etc/).
I even commented out the following lines in the entrypoint.sh file. Please check.

entrypoint.sh
#rm -f $STRONGKEY_HOME/appliance/etc/appliance-configuration.properties $STRONGKEY_HOME/skce/etc/skce-configuration.properties $STRONGKEY_HOME/skfs/etc/skfs-configuration.properties

Hi @prathapcoder,

In lines 61-70 of the entrypoint script, these values should be set in a newly created /usr/local/strongkey/skce/etc/skce-configuration.properties.
Try adding some prints in your entrypoint and remove the "-d" option from your docker run command to run the container in foreground mode to see your entrypoint prints.

> Hi @prathapcoder,
>
> In lines 61-70 of the entrypoint script, these values should be set in a newly created /usr/local/strongkey/skce/etc/skce-configuration.properties. Try adding some prints in your entrypoint and remove the "-d" option from your docker run command to run the container in foreground mode to see your entrypoint prints.

Yes, I added some prints (echo command) and removed the "-d" option, but those lines are not printing.
I added echo lines in my entrypoint.h file.
echo "skce-configuration.........."
cat >> $STRONGKEY_HOME/skce/etc/skce-configuration.properties <<- EOFSKCECONF
ldape.cfg.property.service.ce.ldap.ldapurl=$LDAP_URLPORT
ldape.cfg.property.service.ce.ldap.ldaptype=$LDAP_TYPE
ldape.cfg.property.service.ce.ldap.ldapbinddn=$LDAP_BINDDN
ldape.cfg.property.service.ce.ldap.ldapbinddn.password=$LDAP_PASS
ldape.cfg.property.service.ce.ldap.ldapdnprefix=cn=
ldape.cfg.property.service.ce.ldap.ldapdnsuffix=$LDAP_DNSUFFIX
ldape.cfg.property.service.ce.ldap.basedn=$LDAP_BASEDN
ldape.cfg.property.service.ce.ldap.ldapgroupsuffix=$LDAP_GROUPSUFFIX
EOFSKCECONF
echo "LDAP URL"
echo $LDAP_URLPORT

Hi @prathapcoder,

Have you made any changes to your dockerfile?
If your echo commands are not running then this may be an issue with bash or a missing entrypoint script within the container.

Try getting a terminal within the container and checking to see if the entrypoint is there.

$> [sudo] docker exec -it <CONTAINER-ID> /bin/bash
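
The check discussed in this thread, written as an added example (not code from the StrongKey project or from any participant): it reports whether the properties file exists, whether the `ldapurl` property is set, and whether it matches the URL passed to the container. The function name, return codes and the "last assignment wins" handling of duplicate keys are assumptions of this sketch; the property name and default path are the ones quoted above.

```shell
#!/bin/sh
# Added diagnostic sketch; not part of the StrongKey fido2 project.
# Property name and default path are the ones quoted in the thread.
PROP='ldape.cfg.property.service.ce.ldap.ldapurl'
CONF_DEFAULT='/usr/local/strongkey/skce/etc/skce-configuration.properties'

# check_ldap_url EXPECTED_URL [CONF_FILE]   (hypothetical helper)
# Prints a one-line verdict and returns:
#   0 ok        property equals EXPECTED_URL
#   1 mismatch  property holds another value (e.g. the localhost default)
#   2 unset     file exists but never assigns the property
#   3 nofile    the entrypoint did not create the file
check_ldap_url() {
    clu_expected=$1
    clu_conf=${2:-$CONF_DEFAULT}
    clu_value=''
    clu_found=0
    if [ ! -f "$clu_conf" ]; then
        echo "nofile: $clu_conf"
        return 3
    fi
    # Assumption: plain key=value lines; the last assignment wins, which
    # matters because the entrypoint appends with 'cat >>'.
    while IFS= read -r clu_line || [ -n "$clu_line" ]; do
        case $clu_line in
            '#'*) ;;                                  # comment line
            "$PROP="*) clu_value=${clu_line#*=}; clu_found=1 ;;
        esac
    done < "$clu_conf"
    if [ "$clu_found" -eq 0 ]; then
        echo "unset: $PROP"
        return 2
    fi
    if [ "$clu_value" != "$clu_expected" ]; then
        echo "mismatch: $clu_value"
        return 1
    fi
    echo "ok: $clu_value"
}

# Inside the container: sh check.sh "$LDAP_URLPORT"
if [ "$#" -gt 0 ]; then
    check_ldap_url "$@"
    exit $?
fi
```

A `nofile` result points at the entrypoint not having run at all, while `mismatch` with a localhost value points at the variable not reaching the script.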