-
assigned issue to
Janos SUTO
Permission Denied with SSO
Issue #216
resolved
I have setup piler and would like to get SSO or LDAP working before I setup the link to get email archiving into it.
I have configured ntlm and sso, and apache shows a successful auth, and I see no errors in maillog, just sso login:username
searchd and piler are both running, and I have configured the smarthost as a local exchange server.
All I get when I try and login is 'permission denied' on the sso.php page. Can you point me in the direction to get this resolved?
Comments (6)
-
repo owner
-
repo owner
Please show me the relevant info from mail logs (see lines with "piler-webui"). What version do you use?
-
Hi Jsuto, its 0.1.24 on centos 6.5
Dec 18 16:33:44 GY-MA1 piler-webui[5904]: sso login: rmf Dec 18 16:34:19 GY-MA1 piler-webui[5903]: sso login: rmf Dec 18 16:34:26 GY-MA1 piler-webui[5908]: sso login: rmf Dec 18 16:36:12 GY-MA1 piler-webui[5907]: sso login: rmf
are the entries I'm getting, SSO looks like its working because I'm getting HTTP 200 responses for sso.php in apache access_log.
error_log reports successful ntlm auth?
[Wed Dec 18 17:13:23 2013] [debug] mod_auth_ntlm_winbind.c(787): [client 192.168.5.145] authenticated rmf
Exactly what do I need in config-site.php? I have seen conflicting information on the pdf guide and the website information. do I simply need the enable_sso parameter or is the ldap helper setup required? is this where it is failing, if I switch to ldap I get a message about being unable to bind using the helper account?
-
repo owner
Hello Richard, it seems that the underlying SSO part works properly. However the piler gui needs a helper account, please set $config['LDAP_HELPER_DN'] and $config['LDAP_HELPER_PASSWORD'] in config-site.php.
-
I have resolved the issue, there was a typo in config that took a fresh look to find!
Thank you for your help
-
repo owner
- changed status to resolved
Great!
- Log in to comment
