Thank you! I found a solution yesterday. In the past I edited
pcastserverd.plist and removed MD5-Digest Authentication. This fix is
also stated in the Podcast Producer documentation. However the
documentation is not updated yet. It has a new location. Below is
from a great Apple tech who helped me out! Thank you!
The new location is:
{Shared Library}/Server/cluster_preferences.plist
The default array is:
<key>http_auth_type</key>
<array>
<string>basic</string>
<string>digest</string>
<string>kerberos</string>
</array>
Remove digest from the list.
We'll get the documentation updated.
~Steve
On Oct 7, 2009, at 7:30 AM, Everette Allen wrote:
Steven,
Not sure if this is your issue but I had a similar issue and had to
switch away from our openldap because I could not get the schema
added and populated.
Check to see if your open directory stores UUID numbers for each
user NOT just the normal unix UID number. All pcp code resolves
usernames to UUID numbers and then does the lookup. This is not
only a matter of having either the AD or OD schema loaded in the
OpenLdap server but also populating the UUID information.
You can test to see if authentication will work by using terminal to
run /usr/libexec/chkpasswd <shortusername> where <shortusername> is
replaced with a known working username. You can check and see if
uuid's are being returned using
/usr/bin/dsmemberutil getuuid -U <shortusername>
I hope this helps.
Steven J. Vogt wrote:
Greetings! I have been having problems having my external
OpenLDAP users authenticating into the the Podcast Capture
application. Below are some more specifics of my setup. If you
any ideas at all I'd love to hear them. Anything to point me in
the right direction would be excellent! Here is the setup (same as
in the past with PcP1)
PcP Server Hosts:
Open Directory
Podcast Producer
NFS
xGrid
It is connected to our OpenLDAP directory servers so external users
can authenticate. In the past I've had to modify
pcastserverd.plist to not use digest authentication for this to
work. I even had to do this on 10.5.6 and later. I'm not sure
why this was since 10.5.6+ allowed all three authentication
methods. I'm guessing something weird with our LDAP setup. With
the new setup:
I've tried doing the exact same thing. I can process jobs perfect
as local OpenDirectory users and everything works, but the actual
problem is I can't get any of my OpenLDAP accounts to
authenticate. They can authenticate to SSH and AFP, but no Podcast
Producer. :-(
I also noticed this in the logs when I try to authenticate. This
shows up in the Podcast Producer Application log:
Processing InfoController#index (for 12.36.49.2 at 2009-10-04
23:32:53) [GET]
Session ID: c95a45886688299f9ff11738743488a3
Parameters: {"version"=>"2"}
Rendering info/index.xml.builder
Completed in 12ms (View: 8, DB: 1) | 200 OK [https://myserver.myschool.edu/podcastproducer/info?version=2
]
Processing WorkflowsController#index (for 12.36.49.2 at 2009-10-04
23:32:54) [GET]
Session ID: 97ec154f1d798d1a12e2892819a8107ahp
Parameters: {"action"=>"index", "language"=>"en", "version"=>"2",
"controller"=>"workflows"}
Rendering default/failed.xml.builder (401)
Filter chain halted as [:authorize] rendered_or_redirected.
Completed in 46ms (View: 1, DB: 1) | 401 Unauthorized [https:// <https://myserver.myschool.edu/podcastproducer/workflows?version=2&language=en
>myserver.myschool.edu <https://myserver.myschool.edu/podcastproducer/info?version=2
>/podcastproducer/workflows?version=2&language=en]
Processing WorkflowsController#index (for 12.36.49.2 at 2009-10-04
23:32:54) [GET]
Session ID: 97ec154f1d798d1a12e2892819a8107a
Parameters: {"action"=>"index", "language"=>"en", "version"=>"2",
"controller"=>"workflows"}
Rendering default/failed.xml.builder (401)
Filter chain halted as [:authorize] rendered_or_redirected.
Completed in 54ms (View: 1, DB: 1) | 401 Unauthorized [https:// <https://myserver.myschool.edu/podcastproducer/workflows?version=2&language=en
>myserver.myschool.edu <https://myserver.myschool.edu/podcastproducer/info?version=2
>/podcastproducer/workflows?version=2&language=en]
Let me know if you have any more ideas. Thanks!
Steve
------------------------------------------------------------------------
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Podcast-producer mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--
Everette Gray Allen Systems Programmer II
Office of Information Technology Macintosh Support Specialist
2620 Hillsborough St, Campus Box 7109
Raleigh, NC 27695-7109 AIM: EveretteAlln
919-515-4558 email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Podcast-producer mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
