Openondemand not detecting ondemand-dex enabled

Get Help
1

Hi Everyone,

I’m trying to install Open Ondemand on our Ubuntu Slurm head node. However, I can’t get past the authentication portion. I’ve added and enabled dex ldap in the ood_config, but the web ui just seems to ignore it.

Any help is appreaciated.

Regards,
Kurt

2

Hi, and welcome! Could you share the dex portion of your ood_config.yml file?

3

Hi @hrandquist,

Here is the dex portion:

# Dex configurations, values inside the "dex" structure are directly used to configure Dex
# If the value for "dex" key is false or null, Dex support is disabled
# Dex support will auto-enable if ondemand-dex package is installed
dex:
  # Default based on if ssl key for ood-portal-generator is defined
  ssl: false
  # Only used if SSL is disabled
  http_port: "5556"
  # Only used if SSL is enabled
#  https_port: "5554"
  # tls_cert and tls_key take OnDemand configured values for ssl and copy keys to /etc/ood/dex maintaining file names
#  tls_cert: null
#  tls_key: null
#  storage_file: /etc/ood/dex/dex.db
#  grpc: null
#  expiry: null
  # Client ID, defaults to servername or FQDN
#  client_id: null
#  client_name: OnDemand
  # Client secret, value auto generated
  # A value that is a filesystem path can be used to store secret in a file
#  client_secret: /etc/ood/dex/ondemand.secret
   # The OnDemand redirectURI is auto-generated, this option allows adding additional URIs
#  client_redirect_uris: []
  # Additional Dex OIDC clients to configure
#  static_clients: []
  # The following example is to configure OpenLDAP
  # Docs: https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
  connectors:
    - type: ldap
      id: ldap
      name: LDAP
      config:
        host: ldaps-url:639
        insecureSkipVerify: false
        bindDN: *****
        bindPW: *****
        userSearch:
          baseDN: ou=People,dc=internal,dc=Lab
          filter: "(objectClass=posixAccount)"
          username: uid
          idAttr: uid
          emailAttr: mail
		   nameAttr: gecos
          preferredUsernameAttr: uid
        groupSearch:
          baseDN: ou=Group,dc=internal,dc=Lab
          filter: "*"
          userMatchers:
            - userAttr: DN
              groupAttr: member
          nameAttr: cn
#  frontend:
#    theme: ondemand
#    dir: /usr/share/ondemand-dex/web
4

Figured out the issue. I thought I had disabled SSL for testing, but apparently I did not. Throwing in an ssl cert made it work.

5

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.