Closed afreeland closed 7 years ago
Alright, managed to get it working after hating life for a few hours....here is an updated config example that hopefully helps others.
ldap:
enabled: true
url: 'ldap://<ldapServer>:389'
// FULL DN!!!! Dont strip anything out from the dsquery
bindDn: 'CN=<user>,OU=<organizationalUnit>,DC=<domain 1>,DC=<domain 2>,DC=org'
bindCredentials: '<password>'
searchBase: 'DC=<domain 1>,DC=<domain 2>,DC=org'
searchFilter: 'sAMAccountName={{username}}'
searchAttributes: ['displayName', 'mail']
I used
npm install passport-ldapauth
and believe the following config is correct...at least while looking at the documention on passport-ldapauth.I appear to be getting an Invalid username/password error, was hoping there was something obvious missing...Are there any gotchas when dealing with LDAP or does the config seem correct?
I have tried many options
Also, was able to use
dsquery
to get the bindDN piece...but still getting invalid user/pass for known good user/passdsquery user dc={domain},dc=org -samid {username}-s {serverIP}
Also temporarily changed
passport-ldapauth
to return back the actual error instead of the friendly handled error and received this80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1
I guess the
52e
represents 'Invalid Credentials'...but the credentials are definitely correct?So far no luck =/