At LDAP authentication users may have "invalid credentials" error when the case of the contact_ldap_dn from LDAP is different from the Centreon database one.
On LDAP side this information is case insensitive so it can change at a LDAP configuration, migration or other maintenance step and it is causing authentication problem even if the user is the correct one.
Steps to Reproduce
To reproduce the issue :
--Log out from Centreon
--Change the user DN case on Centreon database table "contact", field "contact_ldap_dn"
Ex: Change CN=TEST,OU=FR,OU=TEST,o=test,C=FR to CN=TEST,OU=FR,OU=TEST,O=TEST,C=FR
--Try to login again > you should got "invalid credential" error
Describe the received result
"invalid credential" error
Describe the expected result
Be able to login
Logs
PHP error logs
"[17-Apr-2023 17:03:14 Europe/Paris] PHP Notice: Undefined index: ldap_auto_sync in /usr/share/centreon/www/class/centreonLDAP.class.php on line 962"
### Additional relevant information (e.g. frequency, ...)
This bug can be fix by adding function strtolower to make the comparison case insensitive on the /www/class/centreonAuth.LDAP.class.php
--line 117 for 19.04 version:
$this->ldap->findUserDn($this->contactInfos['contact_alias']) !== $this->contactInfos['contact_ldap_dn'] replaced by strtolower($this->ldap->findUserDn($this->contactInfos['contact_alias'])) !== strtolower($this->contactInfos['contact_ldap_dn'])
--line 116 On the master branch:
$userDn !== $this->contactInfos['contact_ldap_dn'] replaced by strtolower($userDn) !== strtolower($this->contactInfos['contact_ldap_dn'])
Module version
centreon.noarch 19.04.20-4.el7.centos (after checking the concerned file it doesn't seem fix on the last version neither)
Operating System
CentOS 7
Browser used
Version: 111.0.5563.148
Additional environment details (AWS, VirtualBox, physical, etc.): Virtual machine
Description
At LDAP authentication users may have "invalid credentials" error when the case of the contact_ldap_dn from LDAP is different from the Centreon database one. On LDAP side this information is case insensitive so it can change at a LDAP configuration, migration or other maintenance step and it is causing authentication problem even if the user is the correct one.
Steps to Reproduce
To reproduce the issue : --Log out from Centreon --Change the user DN case on Centreon database table "contact", field "contact_ldap_dn" Ex: Change CN=TEST,OU=FR,OU=TEST,o=test,C=FR to CN=TEST,OU=FR,OU=TEST,O=TEST,C=FR --Try to login again > you should got "invalid credential" error
Describe the received result
"invalid credential" error
Describe the expected result
Be able to login
Logs
PHP error logs
"[17-Apr-2023 17:03:14 Europe/Paris] PHP Notice: Undefined index: ldap_auto_sync in /usr/share/centreon/www/class/centreonLDAP.class.php on line 962"