search

snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0
10.87k stars 3.14k forks source link

I want to configure LDAP using Xampp in Windows 2012 #1490

Closed hegdemaahi24 closed 8 years ago

hegdemaahi24 commented 8 years ago

All is Running Fine.. @madd15 please Help to configure LDAP. user must login by using there own crenditial. @snipe u have to help me out of this. LDAP!!!

hegdemaahi24 commented 8 years ago

@snipe its little bit urgent can we configure Ldap. This is Configuration i did? in Ldap.php

/* -------------------------------------------------------------------------- URL
'url' => "ldap://s1.ind.macy.com:389", /* s1.ind.macy.com this is my Active Directory Server Name*/ 
/*
|--------------------------------------------------------------------------
| Username
|--------------------------------------------------------------------------

'username' => "cn=superadmin, dc=ind, dc=macy, dc=com",

'password' => "forgotpassword",

'basedn'   => "dc=ind, dc=macy, dc=com",

'filter' => "&(cn=*)",

'result.username' => " ",     /* @snipe uid of user was not set in active directory. None of the user uid is set in active directory */
'result.last.name'  => "super",
'result.first.name' => "admin",

'result.active.flag' => "",
'result.emp.num'  => "",
'result.email' => "",

'authentication.filter.query' => "uid=",

I had enabled extension of ldap in php.ini. I had copy paste the 3 dll file to my active directory server also in location of C:/windows/system32/ Three DLL file copied from C:\xampp\php libeay32.dll libsasl.dll ssleay32.dll.

But also i am unable to authenticate with LDAP.

Please help out of this Issue.

unbkbl commented 8 years ago

This is an example of a working configuration with Active directory using LDAP

<?php

return array(

/*
|--------------------------------------------------------------------------
| URL
|--------------------------------------------------------------------------
|
| URL for the LDAP server. This should start with ldap://, for example:
| ldap://ldap.yourserver.com. {This is be the ip address of my domain controller}
| 
*/
'url' => "172.29.2.232",

/*
|--------------------------------------------------------------------------
| Username
|--------------------------------------------------------------------------
|
| Username to use to connect authenticate to LDAP, for example:
| cn=read-only-admin,dc=example,dc=com
| 
*/
'username' => "CN=d3m ldap,OU=Special Accounts,OU=Users,OU=D3M,DC=delta,DC=it",

/*
|--------------------------------------------------------------------------
| Password
|--------------------------------------------------------------------------
|
| Password to use when authenticating to LDAP.
|
*/
'password' => "your_password",

/*
|--------------------------------------------------------------------------
| Basedn
|--------------------------------------------------------------------------
|
| The base where the search for users will be executed, for example:
| dc=example,dc=com
| {The particular OU here you store the users in your group/organization}
*/
'basedn'   => "OU=Users,OU=D3M,DC=delta,DC=it",

/*
|--------------------------------------------------------------------------
| Filter
|--------------------------------------------------------------------------
|
| The search filter for the LDAP query. This probably does not have to be
| changed.
|
*/
'filter' => "&(cn=*)",

/*
|--------------------------------------------------------------------------
| LDAP field names that will be retrieved to create a user.
|
| Using the username as an example:
| If I set 'result.username' => 'my-org-username', the code will connect to
| LDAP as follows (where $results[$i] represents a row in the LDAP query:
| $username-to-insert-in-snipe-it = $results[$i]["my-org-username"][0]
|
|--------------------------------------------------------------------------
|
| The search filter for the LDAP query.
| Note: all these fields are required, and they should all be lowercase.
|
*/
'result.username' => "",
'result.last.name'  => "",
'result.first.name' => "",

/*
| These fields are optional as not all LDAP directories will have it.  If yours
| does not have them, just leave these blank and the extra check will
| be omitted.
*/
'result.active.flag' => "",
'result.emp.num'  => "",
'result.email' => "",

/*
|--------------------------------------------------------------------------
| LDAP filter query for authentication
|--------------------------------------------------------------------------
|
| The LDAP query that we want to execute when authenticating a user. This
| should not have to be changed.
|
*/
'authentication.filter.query' => "uid=",

/*
|--------------------------------------------------------------------------
| LDAP Version
|--------------------------------------------------------------------------
|
| Version of LDAP you are using.
|
*/
'version' => 3,

);

hegdemaahi24 commented 8 years ago

capture

This is happening. Pls see above image @unbkbl

hegdemaahi24 commented 8 years ago

@unbkbl 'result.username' => "", 'result.last.name' => "", 'result.first.name' => "", is this should be empty.. See my Final code below

<?php

return array(

/*
|--------------------------------------------------------------------------
| URL
|--------------------------------------------------------------------------
|
| URL for the LDAP server. This should start with ldap://, for example:
| ldap://ldap.yourserver.com
|
*/
'url' => "ldap://10.3.9.10:389",

/*
|--------------------------------------------------------------------------
| Username
|--------------------------------------------------------------------------
|
| Username to use to connect authenticate to LDAP, for example:
| cn=read-only-admin,dc=example,dc=com
|
*/
'username' => "CN=Super Admin,OU=ITIT,OU=Teams,DC=ind,DC=macy,DC=com",

/*
|--------------------------------------------------------------------------
| Password
|--------------------------------------------------------------------------
|
| Password to use when authenticating to LDAP.
|
*/
'password' => "*********",

/*
|--------------------------------------------------------------------------
| Basedn
|--------------------------------------------------------------------------
|
| The base where the search for users will be executed, for example:
| dc=example,dc=com
|
*/

'basedn'   => "dc=ind,dc=macy,dc=com",

/*
|--------------------------------------------------------------------------
| Filter
|--------------------------------------------------------------------------
|
| The search filter for the LDAP query. This probably does not have to be
| changed.
|
*/
'filter' => "&(cn=*)",

/*
|--------------------------------------------------------------------------
| LDAP field names that will be retrieved to create a user.
|
| Using the username as an example:
| If I set 'result.username' => 'my-org-username', the code will connect to
| LDAP as follows (where $results[$i] represents a row in the LDAP query:
| $username-to-insert-in-snipe-it = $results[$i]["my-org-username"][0]
|
|--------------------------------------------------------------------------
|
| The search filter for the LDAP query.
| Note: all these fields are required, and they should all be lowercase.
|
*/
'result.username' => "",
'result.last.name'  => "",
'result.first.name' => "",

/*
| These fields are optional as not all LDAP directories will have it.  If yours
| does not have them, just leave these blank and the extra check will
| be omitted.
*/
'result.active.flag' => "",
'result.emp.num'  => "",
'result.email' => "",

/*
|--------------------------------------------------------------------------
| LDAP filter query for authentication
|--------------------------------------------------------------------------
|
| The LDAP query that we want to execute when authenticating a user. This
| should not have to be changed.
|
*/
'authentication.filter.query' => "uid=",

/*
|--------------------------------------------------------------------------
| LDAP Version
|--------------------------------------------------------------------------
|
| Version of LDAP you are using.
|
*/
'version' => 3,
unbkbl commented 8 years ago

Just start the sync process ldap

hegdemaahi24 commented 8 years ago

No i am not able to find that option error1

hegdemaahi24 commented 8 years ago

@unbkbl .. after the configuration also i dont find LDAP option??

hegdemaahi24 commented 8 years ago

@unbkbl y i am unable to get LDAP option.. After the changes made in ldap.php file. anything other configuration to do?? In first u can see the LDAP integration is NO. IN Graphical Interface u have to do any changes??. Please help out of this..

hegdemaahi24 commented 8 years ago

@unbkbl Dear Daniel... if u go Go To admin--->setting----> in that LDAP Integration is Yes Or No. If Yes. Please Go to Edit setting. and scroll down show me snapshot of Ldap configuration

hegdemaahi24 commented 8 years ago

Finally i went to Admin --> setting --> and Enabled Ldap. Filled all the configuration.. Changes i did is in LDAP Bind Username = ind/helpdesk ind is my domain suffix and helpdesk is username. and i filled 'result.username' => "samaccountname", 'result.last.name' => "sn", 'result.first.name' => "givenname",

all got synced!!!

Its Work Yupieeee