Can't have LDAP authentication work with IBM Tivoli LDAP server

[wahaha2001]

Hi all,

Try to use our Tivoli LDAP server for authentication but failed.

Below is my setting. Note ldapsearch can work with following calls :

      ldapsearch -H ldap://www.wahaha.com:389 -x -b "c=cn,ou=names,o=wahaha.com" -s one "(&(objectClass=Person)(uid=9922331))" mail
      ldapsearch -H ldap://www.wahaha.com:389 -x -b "c=cn,ou=names,o=wahaha.com" -s one "(&(objectClass=Person)(mail=me@wahaha.com))" mail

ldapsearch output :

# extended LDIF
#
# LDAPv3
# base <c=cn,ou=names,o=wahaha.com> with scope oneLevel
# filter: (&(objectClass=Person)(mail=me@wahaha.com))
# requesting: mail
#

#9922331, cn, names, wahaha.com
dn: uid=9922331,c=cn,ou=names,o=wahaha.com
mail: me@wahaha.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

My ldap setting, please help check if anything need be fixed.

auth:
  throttling:
    enable: true
    threshold: 3
  providers: [ldap] # [local, kerberos, ldap] - You can specify the order
  local:
    enableRegistration: true
    passwordRegex: ^.{8,64}$
    salt: secretsauce # Required when upgrading from version < 0.3
  ldap:
    connect_settings:
      url: ldap://www.wahaha.com:389
      socketPath:
    bind_options:
      bindDN:
      bindCredentials:
    search:
      base: c=cn,ou=names,o=wahaha.com
      opts:
        scope: one
        filter: (&(objectClass=Person)(uid={username}))
        attributes: []
    field_mappings:
      uid: uid
      firstName: givenName
      lastName: sn
      displayName: callupname
      email: mail

btw, no error reported in console except this one : express deprecated req.host: Use req.hostname instead node_modules/express.oi/lib/index.js:72:46

[funkaoshi]

Hey, could you please move this question over to the Let's Chat mailing list. That's where we are trying to deal with any support issues.

Github issues should be used to track features and specific bugs in the code.