LDAP integration problems

Questions, comments, discussions. Over time certain topics might be moved to their own category.
itsadmin
Posts: 3
Joined: Thu May 14, 2020 3:36 am

LDAP integration problems

Post by itsadmin »

Greetings,

I have downloaded Mayan 3.4.7 and have it working with defaults from docker-compose distribution. I'm running it from my Ubuntu 18.04 home directory with the following configuration settings in my .env file:

MAYAN_APP_VOLUME=/home/bradc/mayan-volumes
MAYAN_REDIS_VOLUME=/home/bradc/mayan-redis
MAYAN_POSTGRES_VOLUME=/home/bradc/mayan-postgres

When I start it without LDAP configured, all is fine. Now, I'm trying to connect Mayan to LDAP to get it working, following the instructions found in the link viewtopic.php?f=15&t=1606. So, I modify the docker-compose.yml file to be as follows:

Code: Select all

...
    environment: &mayan_env
      # Enable to use RabbitMQ
      # MAYAN_CELERY_BROKER_URL: amqp://${MAYAN_RABBITMQ_USER:-mayan}:${MAYAN_RABBITMQ_PASSWORD:-mayanrabbitpass}@rabbitmq:5672/${MAYAN_RABBITMQ_VHOST:-mayan}
      # To use RabbitMQ as broker, disable Redis as broker
      MAYAN_CELERY_BROKER_URL: redis://:${MAYAN_REDIS_PASSWORD:-mayanredispassword}@redis:6379/0
      MAYAN_CELERY_RESULT_BACKEND: redis://:${MAYAN_REDIS_PASSWORD:-mayanredispassword}@redis:6379/1
      MAYAN_DATABASES: "{'default':{'ENGINE':'django.db.backends.postgresql','NAME':'${MAYAN_DATABASE_DB:-mayan}','PASSWORD':'${MAYAN_DATABASE_PASSWORD:-mayandbpass}','USER':'${MAYAN_DATABASE_USER:-mayan}','HOST':'postgresql'}}"
      MAYAN_DOCKER_WAIT: "postgresql:5432 redis:6379"
      # Replace with the line below when using RabbitMQ
      # MAYAN_DOCKER_WAIT: "postgresql:5432 redis:6379 rabbitmq:5672"
      # To add operating system packages, like additional OCR language,
      # packages, put then in the variable below.
      # MAYAN_APT_INSTALLS: "tesseract-ocr-deu tesseract-ocr-nld"
      # To add Python libraries, like LDAP, put then in the variable below.
      # MAYAN_PIP_INSTALLS: "python-ldap"
      #
      MAYAN_PIP_INSTALLS: "python-ldap django_auth_ldap"
      MAYAN_APT_INSTALLS: "tesseract-ocr-eng libsasl2-dev python3-dev libldap2-dev libssl-dev libgle3 build-essential autoconf libtool pkg-config gcc"
      MAYAN_SETTINGS_MODULE: "mayan_settings.myldapsettings"
...
I then place the mayan_settings.myldapsettings file in the /home/bradc/mayan-volumes/mayan-settings directory and proceed to re-start mayan. It begins to startup, but I get the following error in my docker logs for the container:

Code: Select all

mayan: starting entrypoint.sh
Waiting for postgresql:5432
Waiting for redis:6379
mayan: update_uid_gid()
mayan: os_package_installs()
Get:1 http://deb.debian.org/debian buster InRelease [121 kB]
Get:2 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
Get:3 http://deb.debian.org/debian buster-updates InRelease [49.3 kB]
Get:4 http://deb.debian.org/debian buster/main amd64 Packages [7905 kB]
Get:5 http://deb.debian.org/debian buster-updates/main amd64 Packages [7380 B]
Get:6 http://security.debian.org/debian-security buster/updates/main amd64 Packages [198 kB]
Fetched 8347 kB in 1s (8107 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
autoconf is already the newest version (2.69-11).
build-essential is already the newest version (12.6).
libsasl2-dev is already the newest version (2.1.27+dfsg-1+deb10u1).
gcc is already the newest version (4:8.3.0-1).
libgle3 is already the newest version (3.1.0-7.2).
libtool is already the newest version (2.4.6-9).
libldap2-dev is already the newest version (2.4.47+dfsg-3+deb10u2).
libssl-dev is already the newest version (1.1.1d-0+deb10u3).
pkg-config is already the newest version (0.29-6).
python3-dev is already the newest version (3.7.3-1).
tesseract-ocr-eng is already the newest version (1:4.00~git30-7274cfa-1).
0 upgraded, 0 newly installed, 0 to remove and 33 not upgraded.
W: --force-yes is deprecated, use one of the options starting with --allow instead.
mayan: pip_installs()
The directory '/home/mayan/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/home/mayan/.cache/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Requirement already satisfied: python-ldap in /opt/mayan-edms/lib/python3.7/site-packages (3.2.0)
Requirement already satisfied: django_auth_ldap in /opt/mayan-edms/lib/python3.7/site-packages (2.1.1)
Requirement already satisfied: pyasn1>=0.3.7 in /opt/mayan-edms/lib/python3.7/site-packages (from python-ldap) (0.4.8)
Requirement already satisfied: pyasn1_modules>=0.1.5 in /opt/mayan-edms/lib/python3.7/site-packages (from python-ldap) (0.2.8)
Requirement already satisfied: Django>=1.11 in /opt/mayan-edms/lib/python3.7/site-packages (from django_auth_ldap) (2.2.12)
Requirement already satisfied: sqlparse in /opt/mayan-edms/lib/python3.7/site-packages (from Django>=1.11->django_auth_ldap) (0.3.1)
Requirement already satisfied: pytz in /opt/mayan-edms/lib/python3.7/site-packages (from Django>=1.11->django_auth_ldap) (2019.1)
mayan: performupgrade()
Traceback (most recent call last):
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/core/management/__init__.py", line 204, in fetch_command
    app_name = commands[subcommand]
KeyError: 'performupgrade'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/mayan-edms/bin/mayan-edms.py", line 10, in <module>
    execute_from_command_line(sys.argv)
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/core/management/__init__.py", line 381, in execute_from_command_line
    utility.execute()
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/core/management/__init__.py", line 375, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/core/management/__init__.py", line 211, in fetch_command
    settings.INSTALLED_APPS
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/conf/__init__.py", line 79, in __getattr__
    self._setup(name)
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/conf/__init__.py", line 66, in _setup
    self._wrapped = Settings(settings_module)
  File "/opt/mayan-edms/lib/python3.7/site-packages/django/conf/__init__.py", line 157, in __init__
    mod = importlib.import_module(self.SETTINGS_MODULE)
  File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
  File "<frozen importlib._bootstrap>", line 983, in _find_and_load
  File "<frozen importlib._bootstrap>", line 965, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'mayan_settings.myldapsettings'
What am I missing? Thank-you for any pointers you can offer.
ebotzki
Posts: 10
Joined: Fri May 01, 2020 2:26 pm

Re: LDAP integration problems

Post by ebotzki »

"I then place the mayan_settings.myldapsettings file in the /home/bradc/mayan-volumes/mayan-settings directory"

is there a miss type there? if it is in /home/bradc/mayan-volumes/mayan-settings then edit your settings line to this

Code: Select all

MAYAN_SETTINGS_MODULE: "mayan-settings.myldapsettings"
If that does not work I'm not really sure. Also try.

Code: Select all

MAYAN_SETTINGS_MODULE: "myldapsettings"

two other options are to change the settings path to /home/bradc/mayan-volumes/mayan_settings with the settings the way they are or try with the changed directory path.

Code: Select all

MAYAN_SETTINGS_MODULE: "myldapsettings"

The error means it can not find your myldapsettings file. I never figured out where it starts from to look for them but that is your problem.

I could never get the docker version to work for that and other reasons. I no longer have a server to play with for this as my management pulled the plug on the endeavor as the user interface was to complex for what he wanted.

Hope that helps
itsadmin
Posts: 3
Joined: Thu May 14, 2020 3:36 am

Re: LDAP integration problems

Post by itsadmin »

Thanks ebotzki, but all your suggestions end up the same for me--dead end and not working as I'm not able to determine (as you said) where mayan looks for the module(s) that are going to be included upon booting. Appreciate your suggestions and time you took to respond...but nothing you suggested seemed to work (yes, I did have a typo) the directory path should have been /home/bradc/mayan-volumes/mayan_settings/mayan_settings.myldapsettings NOT /home/bradc/mayan-volumes/mayan-settings/mayan_settings.myldapsettings. Typing isn't exactly my strong suit at the end of the day :-\

So unless any others chime in with a suggestion before a few days pass, I will likely move on to other options...
itsadmin
Posts: 3
Joined: Thu May 14, 2020 3:36 am

Re: LDAP integration problems

Post by itsadmin »

Ok...went back double/triple read the instructions, carefully making sure the local LDAP settings file was named as it should be, and got MayanEDMS to boot without restarting repeatdedly. Now, the issue is that I can't authenticate using the admin user I created locally in Mayan that exists in our LDAP server.

I've tested the LDAP_USER_SEARCH string using Apache Directory Studio connected to our LDAP server, and it returns a result using the same LDAP query. Am now getting login error "Please enter a correct Username and password. Note that both fields may be case-sensitive. " when using the appropriate username and password. LDAP debug doesn't tell me much in the Mayan logs unfortunately-- :|
Post Reply