nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net

LDAP - Not able to create AD users or synchronize after successfully authenticating #3035

Open royalaigle opened 2 years ago

royalaigle commented 2 years ago

Page on which it happened

index.php?page=admin

Steps to reproduce

  1. Install TeamPass ver 3.0.0.9
  2. Configure LDAP, and successfully authenticate
  3. Use "LDAP Synchronization" option, and it does not work.

Expected behaviour

LDAP users will populate or would be able to select from them and create AD users

Actual behaviour

When clicked on "LDAP authentication" nothing happens

Server configuration

Operating system: Windows NT 10.0 build 17763 (Windows Server 2016) AMD64

Web server: Apache/2.4.51 (Win64) PHP/7.4.26

Database: 5.5.5-10.5.13-MariaDB

PHP version: 7.4.26

Teampass version: 3.0.0.9

Teampass configuration file:

'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '0',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => 'D:/wamp64/www/teampass-3.0.0.9',
'cpassman_url' => 'http://<anonym_url>/teampass-3.0.0.9',
'favicon' => 'http://<anonym_url>/teampass-3.0.0.9/favicon.ico',
'path_to_upload_folder' => 'D:/wamp64/www/teampass-3.0.0.9/upload',
'path_to_files_folder' => 'D:/wamp64/www/teampass-3.0.0.9/files',
'url_to_files_folder' => 'http://<anonym_url>/teampass-3.0.0.9/files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'cpassman_version' => '3.0.0.9',
'ldap_mode' => '1',
'ldap_type' => 'ActiveDirectory',
'ldap_suffix' => '0',
'ldap_domain_dn' => '0',
'ldap_domain_controler' => '0',
'ldap_user_attribute' => 'sAMAccountName',
'ldap_ssl' => '0',
'ldap_tls' => '0',
'ldap_elusers' => '1',
'ldap_search_base' => '0',
'ldap_port' => '389',
'richtext' => '0',
'allow_print' => '0',
'roles_allowed_to_print' => '0',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '0',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '0',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1641509739',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => '<removed>',
'email_smtp_auth' => '',
'email_auth_username' => '<removed>',
'email_auth_pwd' => '<removed>',
'email_port' => '',
'email_security' => '',
'email_server_url' => '',
'email_from' => '<removed>',
'email_from' => '<removed>',
'pwd_maximum_length' => '40',
'google_authentication' => '0',
'delay_item_edition' => '0',
'allow_import' => '0',
'proxy_ip' => '',
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'TeamPass for ChangeMe',
'api' => '0',
'subfolder_rights_as_parent' => '0',
'show_only_accessible_folders' => '0',
'enable_suggestion' => '0',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => 'D:/wamp64/www/teampass-3.0.0.9/backups',
'bck_script_filename' => 'bck_teampass',
'syslog_enable' => '0',
'syslog_host' => 'localhost',
'syslog_port' => '514',
'manager_move_item' => '0',
'create_item_without_password' => '0',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'UTC',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '0',
'disable_show_forgot_pwd_link' => '1',
'offline_key_level' => '0',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '1',
'secure_display_image' => '1',
'upload_zero_byte_file' => '0',
'upload_all_extensions_file' => '0',
'bck_script_passkey' => '<removed>',
'admin_2fa_required' => '1',
'password_overview_delay' => '4',
'copy_to_clipboard_small_icons' => '1',
'duo_akey' => '',
'duo_ikey' => '',
'duo_skey' => '',
'duo_host' => '',
'teampass_version' => '',
'roles_allowed_to_print_select' => '',
'clipboard_life_duration' => '30',
'mfa_for_roles' => '',
'tree_counters' => '0',
'onthefly-backup-key' => '',
'onthefly-restore-key' => '',
'ldap_hosts' => 'healthy.bewell.ca',
'ldap_bdn' => 'OU=Accounts,DC=healthy,DC=bewell,DC=ca',
'ldap_username' => 'CN=svc_diamant,OU=AHS,OU=Services,OU=Accounts,DC=healthy,DC=bewell,DC=ca',
'ldap_password' => 'Gv)n6%2j',
'ldap-test-config-username' => 'jeanjacquesmoke',
'ldap-test-config-pwd' => '',
'ldap_new_user_role' => '1',
'ldap_user_object_filter' => '(sAMAccountName={{username}})',

Updated from an older Teampass or fresh install:

Client configuration

Browser: Chrome - 97.0.4692.99

Operating system: Windows - 64bits

Logs

Web server error log

Teampass 10 last system errors

Log from the web-browser developer console (CTRL + SHIFT + i)

nilsteampassnet commented 2 years ago

Thank you for reporting.

Can you please share the console logs when this occurs? To know how to do this, please read https://teampass.readthedocs.io/en/latest/errors/ paragraph How to capture query error from the browser console?

royalaigle commented 2 years ago

> Thank you for reporting.
>
> Can you please share the console logs when this occurs? To know how to do this, please read https://teampass.readthedocs.io/en/latest/errors/ paragraph How to capture query error from the browser console?

{ "error": false, "entries": [], "ldap_groups": [], "teampass_groups": [ { "id": "1", "title": "Default" }, { "id": "2", "title": "Members" } ] }

royalaigle commented 2 years ago

> Thank you for reporting. Can you please share the console logs when this occurs? To know how to do this, please read https://teampass.readthedocs.io/en/latest/errors/ paragraph How to capture query error from the browser console?

{ "error": false, "entries": [], "ldap_groups": [], "teampass_groups": [ { "id": "1", "title": "Default" }, { "id": "2", "title": "Members" } ] }

This is what I get. Nothing really displays other than this. Same thing also comes up on version 3.0.0.8

nilsteampassnet commented 2 years ago

@royalaigle Can you please install the latest commit from the master branch? Small changes have been made regarding "active directory" that may help. Based upon this I could help. Note that I don't have an "active directory" to perform tests, only an "openLDAP".

lfmgmsolutions commented 2 years ago

Hi @nilsteampassnet! I have tried with the latest commit but I can't synchronize my LDAP users list.

If you want to test, you can contact me; I have an Active Directory and a lab TeamPass.