NetApp driver doesn't configure LDAP clients properly
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Shared File Systems Service (Manila) |
Fix Released
|
Medium
|
Douglas Viroel |
Bug Description
Description
===========
The NetApp driver does not configure all ldap client parameters, needed to authenticated with some LDAP servers.
It doesn't provide base distinguished name, which might be mandatory to query the information from servers.
When using Active Directory as LDAP Server, the field '-ad-domain' must be set instead of 'ldap-server' in ldap client creation.
The configuration option '-servers' is deprecated since ONTAP 9.2 (ontapi 1.120) and 'ldap-servers' should be used instead.
Steps to reproduce
==================
1. Create a 'ldap' security service with 'domain', 'dns' or 'ou' attributes
2. Associate the ldap security service to a share network
3. Create a new share in the share network
4. Check LDAP paramenters and 'ldap-status' in ONTAP.
Expected result
===============
LDAP status is up for Active Directory LDAP server.
LDAP client using a 'base-dn' configuration based on 'ou'.
DNS properly configured when user provides 'dns' and 'domain'.
Actual result
=============
Some LDAP client configurations are missing. Attributes like 'base-dn' and 'ad-domain', along with DNS configuration were not set.
Changed in manila: | |
importance: | Undecided → Medium |
Additional comments http:// eavesdrop. openstack. org/meetings/ manila/ 2021/manila. 2021-02- 25-15.01. log.html