<div dir="ltr"><div>It may be possible that there's a failure in authenticating the ssl cert of your domain controller. Try adding the domain controller's public cert to your system's ssl trust store (how to do that is different for each linux distribution and ssl implementation<br></div><div><br></div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">----------<br>Chuck Atkins<br>Staff R&D Engineer, Scientific Computing<br>Kitware, Inc.<br></div></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Mar 21, 2019 at 9:49 AM Zack Galbreath via CDash <<a href="mailto:cdash@public.kitware.com">cdash@public.kitware.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">On Wed, Mar 6, 2019 at 1:58 PM Martin, Mark via CDash <<a href="mailto:cdash@public.kitware.com" target="_blank">cdash@public.kitware.com</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-US">
<div class="gmail-m_-8954228930931807475gmail-m_-385639609878629553WordSection1">
<p class="MsoNormal">Hello,<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I’ve established a CDash and have successfully authenticated, via database authentication, the original admin user. However, I am experiencing difficulty authenticating other users via LDAP. My LDAP configuration, generally speaking,
looks like this:<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">$CDASH_USE_LDAP = ‘1’;<u></u><u></u></p>
<p class="MsoNormal">$CDASH_LDAP_HOSTNAME = ‘<a href="http://myldapserver.mydomain.com" target="_blank">myldapserver.mydomain.com</a>’;<u></u><u></u></p>
<p class="MsoNormal">$CDASH_LDAP_BASEDN = ‘ou=Users,dc=mydc,dc=mydc2’;<u></u><u></u></p>
<p class="MsoNormal">$CDASH_LDAP_PROTOCOL_VERSION = ‘3’;<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I have concern that CDash may not be able to connect via ldaps://<a href="http://myldapserver.mydomain.com/" target="_blank">myldapserver.mydomain.com/</a>.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I am experiencing a login screen that just spins (loading) for ~3 minutes before refreshing the login screen. No error messages are being generated in the cdash.log file and no error messages are being displayed in the UI.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Does anyone have any thoughts or advice on how I should proceed?</p></div></div></blockquote><div><br></div><div>I can't say I've seen this behavior before. Without a publicly visible reproducer, the best I can suggest is debugging by print statement. <a href="https://github.com/Kitware/CDash/blob/master/include/login_functions.php#L145" target="_blank">Here is where the relevant code for LDAP authentication lives</a>. And here's an example of how to write to cdash.log:</div><div><br></div><div>
<p class="gmail-m_-8954228930931807475gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(180,36,25)"><span class="gmail-m_-8954228930931807475gmail-s1" style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0)"><span class="gmail-m_-8954228930931807475gmail-Apple-converted-space"> </span>add_log</span><span class="gmail-m_-8954228930931807475gmail-s2" style="font-variant-ligatures:no-common-ligatures;color:rgb(200,20,201)">(</span><span class="gmail-m_-8954228930931807475gmail-s1" style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0)">'</span><span class="gmail-m_-8954228930931807475gmail-s3" style="font-variant-ligatures:no-common-ligatures">this is me writing to the log file</span><span class="gmail-m_-8954228930931807475gmail-s1" style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0)">', '</span><span class="gmail-m_-8954228930931807475gmail-s3" style="font-variant-ligatures:no-common-ligatures">ldapAuth checkpoint #1</span><span class="gmail-m_-8954228930931807475gmail-s1" style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0)">', LOG_WARNING</span><span class="gmail-m_-8954228930931807475gmail-s2" style="font-variant-ligatures:no-common-ligatures;color:rgb(200,20,201)">)</span><span class="gmail-m_-8954228930931807475gmail-s1" style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0)">;</span></p></div><div><br></div><div>Good luck! Please let us know if you discover any juicy error messages.</div></div></div>
_______________________________________________<br>
CDash mailing list<br>
<a href="mailto:CDash@public.kitware.com" target="_blank">CDash@public.kitware.com</a><br>
<a href="https://public.kitware.com/mailman/listinfo/cdash" rel="noreferrer" target="_blank">https://public.kitware.com/mailman/listinfo/cdash</a><br>
</blockquote></div>