Closed austinsasko closed 7 years ago
Synchronizing and auth don't use the same LDAP methods. When you sync, you're authenticating with the admin credentials you supplied in the LDAP settings panel. When you log in, you're logging in as whoever you're trying to log in as.
Try using `objectClass=inetOrgPerson` as your LDAP filter.
(You should probably also use the SSL option for Jumpcloud: `ldaps://ldap.jumpcloud.com`)
I tried setting that as the LDAP filter and I get "Invalid DN syntax" when clicking test
We use Jumpcloud here. These are the settings that work for us:
When attempting to use ldaps:// I get a "Could not bind to LDAP: Can't contact LDAP server" so I went with ldap:// but that left me with the issue of no users being found.
Quick status update - the authing user was not set to be able to bind in Jumpcloud, which is likely the reason LDAP thinks the user doesn't exist. Hopefully have more info tomorrow.
Expected Behavior (or desired behavior if a feature request)
User is able to authenticate against LDAP
Actual Behavior
The user is shown an incorrect user/password page and the logs show "LDAP user not found in LDAP There was an error authenticating the LDAP user: Could not find user in LDAP directory"
Please confirm you have done the following before posting your bug report:
Please provide answers to these questions before posting your bug report:
Version of Snipe-IT you're running: v3.6.0 build 71 (gd49a1ea)
What OS and web server you're running Snipe-IT on: CentOS 6.8 HTTPD
What method you used to install Snipe-IT (install.sh, manual installation, docker, etc): Git
WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error: Error: The username or password is incorrect.
What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error: User/password
If a stacktrace is provided in the error, include that too.
Any errors that appear in your browser's error console.
Confirm whether the error is reproduceable on the demo.
Include any additional information you can find in `app/storage/logs` and your webserver's logs.

```
[2016-12-06 15:48:32] production.DEBUG: LDAP user not found in LDAP or could not bind
[2016-12-06 15:48:32] production.ERROR: There was an error authenticating the LDAP user: Could not find user in LDAP directory
[2016-12-06 15:48:32] production.DEBUG: Authenticating user against database.
[2016-12-06 15:48:32] production.DEBUG: Local authentication failed.
[2016-12-06 15:48:54] production.DEBUG: LDAP is enabled.
[2016-12-06 15:48:54] production.DEBUG: Binding user to LDAP.
[2016-12-06 15:48:55] production.DEBUG: LDAP user not found in LDAP or could not bind
[2016-12-06 15:48:55] production.ERROR: There was an error authenticating the LDAP user: Could not find user in LDAP directory
[2016-12-06 15:48:55] production.DEBUG: Authenticating user against database.
```
What furthers my confusion in this matter is that synchronizing LDAP works fine, and all users show up as expected under the setting uid; however, when attempting to authenticate under the same field (uid), the attempt is "not found".
Test LDAP Connection: Test LDAP: It worked!
LDAP settings:
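
The split described in this thread (sync binds as the configured admin account, login binds as the user who is logging in), as an added example that is not part of the thread and not Snipe-IT's code: a toy in-memory directory showing how a user can appear in a sync yet fail at login when the account is not permitted to bind. `ToyDirectory`, `Entry`, the DNs and the credentials are all constructed placeholders.

```python
import hmac
from dataclasses import dataclass
from enum import Enum

class Result(Enum):
    OK = "user bind succeeded"
    NOT_IN_DIRECTORY = "admin search finds no such uid"
    BIND_FAILED = "entry exists, but the bind as this user failed (bad password or bind not permitted)"

@dataclass
class Entry:
    uid: str
    password: str
    may_bind: bool  # hypothetical per-user "allowed to bind to LDAP" switch

class ToyDirectory:
    """In-memory stand-in for an LDAP server (constructed for this example)."""
    def __init__(self, entries):
        self._by_dn = {self.dn(e.uid): e for e in entries}

    @staticmethod
    def dn(uid):
        return f"uid={uid},ou=Users,dc=example,dc=com"  # placeholder base DN

    def bind(self, dn, password):
        e = self._by_dn.get(dn)
        return bool(e and e.may_bind and
                    hmac.compare_digest(e.password.encode(), password.encode()))

    def search(self, bind_dn, bind_pw, uid):
        # A search runs only over a connection that has already bound.
        if not self.bind(bind_dn, bind_pw):
            raise PermissionError("search requires a successful bind")
        return [dn for dn, e in self._by_dn.items() if e.uid == uid]

def sync(directory, admin_dn, admin_pw, uids):
    """Sync path: bind as the admin account, then look each uid up."""
    return [u for u in uids if directory.search(admin_dn, admin_pw, u)]

def diagnose_login(directory, admin_dn, admin_pw, uid, password):
    """Login path binds as the user; the admin lookup only explains a failure."""
    if directory.bind(directory.dn(uid), password):
        return Result.OK
    found = directory.search(admin_dn, admin_pw, uid)
    return Result.BIND_FAILED if found else Result.NOT_IN_DIRECTORY

ADMIN_DN = ToyDirectory.dn("svc-snipeit")  # constructed service account
DIRECTORY = ToyDirectory([
    Entry("svc-snipeit", "admin-secret", True),
    Entry("alice", "alice-secret", False),  # visible to sync, not allowed to bind
])
```

Separating the two outcomes is what tells "the user is missing" apart from "the user exists but cannot bind", which the single log message "LDAP user not found in LDAP or could not bind" does not.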