Support Questions
Find answers, ask questions, and share your expertise

Hue: disabling LDAP does not enable local "Add user"

Rising Star

Hello,

 

I am experimenting with LDAP integration, which I managed to make it work in Hue.

 

Now, I switched the 'backend' property back to 'desktop.auth.backend.AllowFirstUserDjango.Backend', restarted Hue and I can login with the local user as before LDAP.

 

However, on the User Admin page I still see "Add/Sync LDAP user" and not the local "Add user".

 

Which other option prevents the local functionality from showing up?

 

Thank you,

Gerasimos

1 ACCEPTED SOLUTION

Accepted Solutions

Super Guru

@gerasimos,

 

I think I opened a Jira on this a while back but forgot to follow up on it.

Try removing the LDAP server hostname from your Hue configuration.  I think if it has a value that tells Hue you plan on using LDAP to sync users.  The Jira I opened requests that both buttons be present (so you can add local but still sync from LDAP if desired).

 

Since the feature to import users is separate from the method of authentication, changing the auth method didn't impact the sync config.

View solution in original post

6 REPLIES 6

Super Guru

@gerasimos,

 

I think I opened a Jira on this a while back but forgot to follow up on it.

Try removing the LDAP server hostname from your Hue configuration.  I think if it has a value that tells Hue you plan on using LDAP to sync users.  The Jira I opened requests that both buttons be present (so you can add local but still sync from LDAP if desired).

 

Since the feature to import users is separate from the method of authentication, changing the auth method didn't impact the sync config.

View solution in original post

Rising Star

Yeap! Removing the URL auto-removed all the accompanied LDAP parameters (so I have to re-write them later to enable LDAP, which I tried to avoid)

 

Thank you,

Gerasimos

Rising Star

... but the "Password" fields are now disabled:

 

Screen Shot 2019-02-08 at 18.05.12.png

 

 

I edited the HTML page and removed "readonly=true", and I managed to create the user.

Super Guru

@gerasimos,

 

In the code, it appears if desktop.auth.backend.LdapBackend is configured, then the password fields are read-only as you see there.  Is it possible that you still have the LdapBackend set?  If you haven't yet, it may be good to log out and back into Hue after having reconfigured the auth backend to AllowFirstUserDjangoBackend.  I wonder if something may be cached in the browser.

Rising Star

You are right. I had forgot a dual backend configuration in hue_safety_valve.ini.

Super Guru

I'm glad that was it because I couldn't figure out many other possible causes of that sort of behavior :-).