2

Hey everyone I'm having an issue trying to get bugzilla authentication working again. I have looked all over and cant seem to find this anywhere. I am running bugzilla on a centOS server and over the weekend changed my network admin password causing LDAP to break for bugzilla.

I'm able to do LDAP searches on the server. I am just unable to locate any file that might be storing the old password or if I need to do something else to get the authentication working again, I am lost on what to do next I've been looking for days.

Any Suggestions would be greatly appreciated!

TL;DR - Updated Network Admin PW, LDAP Auth Broke for bugzilla, Any suggestions?

Thanks!

user1857654
  • 29
  • 1
  • 1
  • 7
  • Does everything start working if you set the admin password back to what it was? If not you may have a larger problem. – Daniel Widrick Jan 21 '15 at 14:36
  • Unfortunately I am unable to check this. The user had been updated in so many apps its to late to change it back. This was the last place(hadn't noticed it earlier because we where not working any bugs :-/. – user1857654 Jan 21 '15 at 14:38
  • Sounds like you have a bigger problem... Why are "so many" apps binding with the root DN? This would be less of an issue for you if each app had its own DN with appropriate privileges... If for some reason you cdon't care about that.. bugzilla must have some form of dedicated support form somewhere? – Daniel Widrick Jan 21 '15 at 14:43
  • Yes Bugzilla has a support form I wanted to post here first to see if anyone knew or had experienced the same thing I am. The community here is stronger and generally had a large knowledge of everything, not just their product. – user1857654 Jan 21 '15 at 14:45
  • I assume you have tried "grep -ir 'cn=Directory Manager' ../../bugzillaDirectory/*" and came up empty? (Replacing Directory Manager with your admin name). – Daniel Widrick Jan 21 '15 at 14:48
  • Thank you! I found it when I ran grep -ir 'cn=myname' / It ended up being in the /var/lib/bugzilla/data/params file. – user1857654 Jan 21 '15 at 14:56

2 Answers2

1

Ran the following command:

grep -ir 'cn=Directory Manager name' /

This resulted in my file being found @ /var/lib/bugzilla/data/params

Edited the file with vi.

The Directory Manager Name is the admin account that was used for LDAP.

'LDAPbinddn' => 'CN=Directory Manager name,CN=Users,DC=name,DC=COM:password'

Tested login and it worked without any reboot or service restart.

Thanks to lVlint67 for the grep command.

user1857654
  • 29
  • 1
  • 1
  • 7
  • The correct way to edit this value is, er, in the "LDAP" section of the Bugzilla parameters, i.e. Bugzilla's primary HTML configuration interface for administrators. It's a little surprising that when you had an LDAP problem, this was not somewhere you thought to look... :-) – Gervase Markham Jan 22 '15 at 16:25
  • Yes, Now we can do this. My issue was we didn't have access to that because we didn't have local account configured. – user1857654 Jan 22 '15 at 18:09
0

I would strongly recommend setting up other accounts for each application [or set of applications] with appropriate permissions. I find having several applications binding to the RootDN unsettling.

That said, I assume you have tried:

grep -ir 'cn=Directory Manager' ../../bugzillaDirectory/*

and came up empty? (Replacing Directory Manager with your admin name).

Daniel Widrick
  • 3,488
  • 2
  • 13
  • 27