Unable to connect (LDAP-Error: Could not authenticate at the LDAP-Server.)

[stepcellwolf]

Describe the bug

I'm not able to connect OpenProject with YunoHost LDAP. I get the following error: Unable to connect (LDAP-Error: Could not authenticate at the LDAP-Server.)

Context

• Hardware: VPS bought online
• YunoHost version: 11.2.10
• OpenProject version: 12.5.8~ynh1
• I have access to my server: Through SSH | through the webadmin
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
• Using, version/branch: master
• Yunohost and Openproject in same server.

Steps to reproduce

• On OpenProject Admin -> Authentication -> LDAP authentication we add the LDAP yunohost settings
• I tried with host name localhost & 127.0.0.1
• With LDAP port 389 and LDAPS port 636
• Connection encryption: None
• System Account
  1. Account: cn=admin,dc=yunohost,dc=org
  2. Password: password
• LDAP Details
  1. Base DN: ou=users,dc=yunohost,dc=org
  2. Filter string: (&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=openproject.main,ou=permission,dc=yunohost,dc=org))
• Attribute Mapping
  1. Username: uid
  2. Fist Name: displayname
  3. Email: mail

Get the error: Unable to connect (LDAP-Error: Could not authenticate at the LDAP-Server.)

I'm able to connect remotely and from localhost in yunohost: `ldapsearch -x -LLL -H ldap://localhost -D "uid=admin,ou=users,dc=yunohost,dc=org" -w 'admin' -b "dc=yunohost,dc=org"

Expected behavior

I also compared settings from Nextcloud and a few other apps settings.

Logs

Feb 19 21:10:06 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:06.133119 #1466761]  INFO -- : Started GET "/admin/ldap_auth_sources/2/test_connection" for 2a02:3s102:4c35:80s0:f140:111a:ff61:6b68 at 2024-02-19 21:10:06 +0000
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:06.136427 #1466761]  INFO -- : Processing by LdapAuthSourcesController#test_connection as HTML
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:06.136446 #1466761]  INFO -- :   Parameters: {"id"=>"2"}
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:06.141312 #1466761]  INFO -- : Redirected to https://scrum.domain.tld/admin/ldap_auth_sources
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:06.141368 #1466761]  INFO -- : Completed 302 Found in 5ms (ActiveRecord: 1.3ms | Allocations: 3103)
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.216374 #1466755]  INFO -- : Started GET "/admin/ldap_auth_sources" for 2as02:3s102:4c35:800:f140:111a:ff61:6b68 at 2024-02-19 21:10:06 +0000
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.218743 #1466755]  INFO -- : Processing by LdapAuthSourcesController#index as HTML
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.227210 #1466755]  INFO -- :   Rendered auth_sources/index.html.erb within layouts/admin (Duration: 3.4ms | Allocations: 2577)
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.253074 #1466755]  INFO -- :   Rendered layouts/base.html.erb (Duration: 25.7ms | Allocations: 40130)
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.253120 #1466755]  INFO -- :   Rendered layout layouts/admin.html.erb (Duration: 29.4ms | Allocations: 42908)
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.253229 #1466755]  INFO -- : Completed 200 OK in 34ms (Views: 26.8ms | ActiveRecord: 3.9ms | Allocations: 45874)
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.695570 #1466755]  INFO -- : Started GET "/api/v3/configuration" for 2a02:31s02:4c35:80s0:f140:111a:ff61:6b68 at 2024-02-19 21:10:06 +0000
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.703892 #1466755]  INFO -- : duration=5.58 db=1.26 view=4.32 status=200 method=GET path=/api/v3/configuration params={} host=scrum.domain.tld user=3
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.750278 #1466755]  INFO -- : Started GET "/api/v3/notifications?pageSize=0&filters=%5B%7B%22readIAN%22%3A%7B%22operator%22%3A%22%3D%22%2C%22values%22%3A%5B%22f%22%5D%7D%7D%5D" for 2a0s2:31s02:4c3s5:800:f140:111a:ff61:6b68 at 2024-02-19 21:10:06 +0000
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.768743 #1466755]  INFO -- : duration=16.54 db=4.28 view=12.26 status=200 method=GET path=/api/v3/notifications params={"pageSize"=>"0", "filters"=>"[{\"readIAN\":{\"operator\":\"=\",\"values\":[\"f\"]}}]"} host=scrum.domain.tld user=3
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.949154 #1466755]  INFO -- : Started GET "/api/v3/capabilities?pageSize=-1&filters=%5B%7B%22principal%22%3A%7B%22operator%22%3A%22%3D%22%2C%22values%22%3A%5B%223%22%5D%7D%7D%2C%7B%22context%22%3A%7B%22operator%22%3A%22%3D%22%2C%22values%22%3A%5B%22g%22%5D%7D%7D%2C%7B%22action%22%3A%7B%22operator%22%3A%22%3D%22%2C%22values%22%3A%5B%22projects%2Fcreate%22%5D%7D%7D%5D" for 2a02:s3102:4cs35:8s00:f140:111a:ff61:6b68 at 2024-02-19 21:10:06 +0000
Feb 19 21:10:06 domain.tld openproject-web-1.service[1466755]: I, [2024-02-19T21:10:06.973768 #1466755]  INFO -- : duration=21.87 db=8.92 view=12.95 status=200 method=GET path=/api/v3/capabilities params={"pageSize"=>"-1", "filters"=>"[{\"principal\":{\"operator\":\"=\",\"values\":[\"3\"]}},{\"context\":{\"operator\":\"=\",\"values\":[\"g\"]}},{\"action\":{\"operator\":\"=\",\"values\":[\"projects/create\"]}}]"} host=scrum.domain.tld user=3
Feb 19 21:10:16 domain.tld openproject-web-1.service[1466761]: I, [2024-02-19T21:10:16.827034 #1466761]  INFO -- : Started GET "/api/v3/notifications?pageSize=0&filters=%5B%7B%22readIAN%22%3A%7B%22operator%22%3A%22%3D%22%2C%22values%22%3A%5B%22f%22%5D%7D%7D%5D" for 2a02:3102:4c35:800:f140:s111a:ffs61:6bs68 at 2024-02-19 21:10:16 +0000

[stepcellwolf]

Fixed the issue as described here