salesagility / SuiteCRM

SuiteCRM - Open source CRM for the world
https://www.suitecrm.com
GNU Affero General Public License v3.0

LDAP Login does not bind to administrative account when searching for the user's record #9014

Open KPull opened 3 years ago

KPull commented 3 years ago

Issue

I've got an OpenLDAP server containing an administrative LDAP record and a number of other user accounts organized in an ou subtree. I've entered the administrative account details in the "Authentication" section of the LDAP password settings of SuiteCRM. Now, when I type in the correct credentials of the user I want to log in as, I get the error "No such object" on the login page.

The logs also show:

Wed Jan 13 16:40:18 2021 [898][-none-][FATAL] [LDAP ERROR][32]No such object

Possible Fix

From the code, I've noticed that SuiteCRM first binds to the Administrative LDAP user, searches for the user requesting login and then binds to that user to verify that the password is correct. It then tries to load the user's record but the bound user themselves does not have permission to do so.

Correct me if I'm wrong but shouldn't the user's info be obtained while the connection is bound to the Administrative account? If I add a ldap_bind(..) with the administrative account immediately after https://github.com/salesagility/SuiteCRM/blob/master/modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php#L111, login does work as expected.

Your Environment

DerpgonCz commented 2 years ago

I also encountered this bug and fixed it the same way.

Although a fix is possible, and fairly easy, maybe it is worth waiting for version 8.x for LDAP / SAML support that will be coded from ground zero.

Is there any confirmation of those features appearing? Currently, those features were completely removed in v8.1

bu3tt1 commented 2 years ago

I have also encountered this error, as have many other people who have described it in the forum; see: https://community.suitecrm.com/t/openldap-integration/30770 and https://community.suitecrm.com/t/with-ldap-getting-no-such-object/30385

SuiteBot commented 2 years ago

This issue has been mentioned on SuiteCRM. There might be relevant details there:

https://community.suitecrm.com/t/with-ldap-getting-no-such-object/30385/2
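The bind sequence from the issue description, as an added Python model that is not SuiteCRM code: an in-memory directory whose assumed ACL lets only the administrative DN read entries shows why loading the record after the user bind fails with result code 32, and why rebinding as the administrative account first avoids it. The DNs, passwords, ACL and the names `Connection` and `login` are constructed for illustration.

```python
import hmac

NO_SUCH_OBJECT, INVALID_CREDENTIALS = 32, 49   # LDAP result codes
ADMIN = "cn=admin,dc=example,dc=org"           # constructed sample DNs
PEOPLE = "ou=people,dc=example,dc=org"
DIRECTORY = {                                  # constructed sample entries
    ADMIN: {"userPassword": "admin-secret"},
    "uid=alice," + PEOPLE: {"uid": "alice", "mail": "alice@example.org",
                            "userPassword": "alice-secret"},
}

class LdapError(Exception):
    def __init__(self, code):
        super().__init__(f"[LDAP ERROR][{code}]")
        self.code = code

class Connection:
    """One connection: every operation runs as the most recent successful bind."""
    def __init__(self):
        self.bound_as = None

    def bind(self, dn, password):
        self.bound_as = None                   # a failed bind leaves it anonymous
        entry = DIRECTORY.get(dn)
        if entry is None or not hmac.compare_digest(entry["userPassword"], password):
            raise LdapError(INVALID_CREDENTIALS)
        self.bound_as = dn

    def search(self, base, attr, value):
        # Assumed ACL: only ADMIN may read entries; any other identity is told
        # the object does not exist, as in the issue's log line.
        if self.bound_as != ADMIN:
            raise LdapError(NO_SUCH_OBJECT)
        return {dn: {k: v for k, v in e.items() if k != "userPassword"}
                for dn, e in DIRECTORY.items()
                if dn.endswith(base) and e.get(attr) == value}

def login(conn, admin_pw, username, password, rebind_admin):
    conn.bind(ADMIN, admin_pw)                     # 1. bind as the administrative account
    hits = conn.search(PEOPLE, "uid", username)    # 2. find the user's DN
    if len(hits) != 1:                             #    reject missing or ambiguous matches
        return None
    user_dn = next(iter(hits))
    conn.bind(user_dn, password)                   # 3. verify the password; now bound as the user
    if rebind_admin:
        conn.bind(ADMIN, admin_pw)                 # 4. the rebind proposed in the issue
    return conn.search(user_dn, "uid", username)[user_dn]  # 5. load the user's record
```

With `rebind_admin=False` step 5 runs under the user's own identity and raises `LdapError` with code 32; with `rebind_admin=True` it returns the record without the password attribute.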