I'm trying to use a "require group" filter during authentication. But unfortuantly the search return a NULL value.
For me the "Search group filter is" is not correct, because member is empty. I tryed it out with some pyhton code. If I fill "member=" with my user DN then it works correctly (in python)
I have no idea why my user DN isn't filled in correctly. I take a look on the source code but I have no idea.
Hi,
I'm trying to use a "require group" filter during authentication. But unfortuantly the search return a NULL value. For me the "Search group filter is" is not correct, because member is empty. I tryed it out with some pyhton code. If I fill "member=" with my user DN then it works correctly (in python)
I have no idea why my user DN isn't filled in correctly. I take a look on the source code but I have no idea.
What could be the problem?
Thanks for helping! best regards Simon
2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Username is "username" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=0, iteration=0) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: request_timeout=10000 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=1, iteration=0) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Wants a free connection to "gdis" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Search filter is "(&(objectClass=person)(sAMAccountname=username))" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: ldap_search_ext() -> msgid=2 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Waking authentication request "GET / HTTP/1.1" 2020/04/28 09:32:58 [debug] 114919#0: 42 access phase: 9 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=1, iteration=1) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=2, iteration=1) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: User DN is "CN=username,OU=Standard,OU=DE,OU=UserAccounts,DC=de,DC=top,DC=com" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Moving to group check 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=3, iteration=0) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Checking group 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Search user in group "CN=groupname,OU=PureGroups,OU=Resources,DC=de,DC=top,DC=com" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Search group filter is "(&(CN=groupname)(member=))" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: ldap_search_ext() -> msgid=3 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Waking authentication request "GET / HTTP/1.1" 2020/04/28 09:32:58 [debug] 114919#0: 42 access phase: 9 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=3, iteration=1) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Checking group 2020/04/28 09:32:58 [error] 114919#0: 42 http_auth_ldap: ldap_searchext() returned NULL result, client: 10.128.12.1, server: , request: "GET / HTTP/1.1", host: "" 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=4, iteration=0) 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: no requirement satisfied 2020/04/28 09:32:58 [debug] 114919#0: 42 http_auth_ldap: Authentication loop (phase=6, iteration=0)
Configuration looks like this: