No computers listed in Veyon-Master, LDAP backend
-
Hello,
I have just started transitioning our environment to LDAP, so I am wanting our Veyon installation to use LDAP as well. I have filled out all the settings in veyon-configurator, and successfully ran all the integration tests. However, when I log into Veyon-Master, I can't see any computers. All of the rooms have shown up, but none of the computers are listed.I'm at a loss for where to go from here. The integration tests show all the rooms, and they show the computers in the room if I specify a room, but they do not show up in Veyon-Master.
We are on the newest version of Veyon 4.2.2, on Ubuntu 18.04. For testing I have set the access control to grant access to any authenticated. The troubleshooting guide mentions telneting to port 11100 on local host, and then remotely. This works on local host, but does not work remotely. I checked netstat and it looks like the veyon service is listening on port 11100 for ipv6 connections, and 11200 for ipv4 connections. I can telnet to port 11200 remotely. Is this the expected behaviour?
-
@tobydox
Our computers are organized by computer groups. All computers in the building are in the same OU, and then they are assigned to a room via their group. For example, all of the computers in the Library are in the Library group. These are the room names that do show up in Veryon-Master.EDIT: I Tried Veyon 2.2.3, and am still unable to see any computers.
EDIT2: I have uploaded a copy of our VeyonMaster.log here: https://cloud.hermon.net/index.php/s/iozjn2zmzpo3gxQ
I can see the ldap query where it returns the list of rooms, and the query where it returns a list of computers, but I cannot see where it matches the two together.
Thank you.
-
I found the issue. I had the "Location Name Attribute" set to "description", which in my case is the human readable name for the computer group. This worked with the Integration test, but Veyon Master must use a different search query because it was returning 0 results. I had to set the Location Name Attribute to "cn", which is less visually appealing, but still works.
For example, our Library group is called "HHS Library", but the group name cannot contain spaces, so the cn attribute is "hhs-library" and the description attribute is "HHS Library".
This is the query that was not working, with Location Name Attribute set to "description":
2019-07-02T14:14:26.072: [DEBUG] [KLDAP] asyncSearch() base=" "cn=hostgroups,cn=accounts,dc=int,dc=hermon,dc=net" " scope= 1 filter=" "(&(objectClass=ipaHostGroup)(cn=HHS Library))" " attrs= ()Since I had set "Location Name Attribute" to "description", this is what I expected the query to be:
2019-07-02T14:14:26.072: [DEBUG] [KLDAP] asyncSearch() base=" "cn=hostgroups,cn=accounts,dc=int,dc=hermon,dc=net" " scope= 1 filter=" "(&(objectClass=ipaHostGroup)(description=HHS Library))" " attrs= ()So now i'm not sure if this is a bug, or if I am just misunderstanding how the configuration is supposed to work.
Thank you.
-
Thank you very much for investigating this issue! Your analysis helped me to find the bug in the code quickly. I uploaded an intermediate build including the fix at https://github.com/veyon/veyon/releases/download/v4.2.3/veyon-4.2.3.5-win64-setup.exe - after updating you should be able to use
descriptionas location name attribute with computer groups.