LDAP Login not working

[ghost]

Expected Behavior (or desired behavior if a feature request)

LDAP Sync is not disabling every enabled LDAP account and the LDAP login is working

---

Actual Behavior

• Sync of LDAP Users is working
• All users are disabled
• When enabling this users manually, they are not able to login
• After a new sync, the change will be overwritten by the sync

---

Please confirm you have done the following before posting your bug report:

• [/] I have enabled debug mode
• [/] I have read checked the Common Issues page

---

Provide answers to these questions:

• Is this a fresh install or an upgrade? Upgrade

• Version of Snipe-IT you're running v4.1.4 build 173 (gba38b84)

• Version of PHP you're running 7.1.11-1+ubuntu16.04.1+deb.sury.org+1

• Version of MySQL/MariaDB you're running Percona MySQL 5.7

• What OS and web server you're running Snipe-IT on Ubuntu 16.04.3 / Nginx

• What method you used to install Snipe-IT (install.sh, manual installation, docker, etc) Manual with Git Pull

• WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error No Error

• What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error LDAP Configuration Login User LDAP Sync

• If a stacktrace is provided in the error, include that too.

• Any errors that appear in your browser's error console.

• Confirm whether the error is reproduceable on the demo: https://snipeitapp.com/demo.

• Include any additional information you can find in app/storage/logs and your webserver's logs.

[2017-11-15 14:15:20] production.ERROR: There was an error authenticating the LDAP user: Could not find user in LDAP directory

• Include what you've done so far in the installation, and if you got any error messages along the way.

Current LDAP Configuration added as a attachment

• Indicate whether or not you've manually edited any data directly in the database No change in the DB

[snipe]

We test against Jumpcloud, and these are the settings we use:

• LDAP Bind Username: uid=testauth,ou=Users,o=OUR-JUMPCLOUD-UID,dc=jumpcloud,dc=com
• LDAP Bind Password: OUR-PASSWORD
• Base Bind DN: ou=Users,o=OUR-JUMPCLOUD-UID,dc=jumpcloud,dc=com
• LDAP Filter: objectClass=inetOrgPerson
• Username field: uid
• Last name field: sn
• First Name field: givenname
• LDAP Authentication query: uid=

The only thing I see different there is the LDAP filter.

[ghost]

Thank you for your answer.

I reinstall the complete Snipe installation, but with the same issue: After a success sync, all users are disabled and a login is not possible (with the login test in the LDAP settings).

[techincolor]

I have the same Jumpcloud Snipe Issue. The LDAP syncs fine, but enabled users cannot login with their LDAP creds.

[yes] I have enabled debug mode [yes] I have read checked the Common Issues page Provide answers to these questions:

Is this a fresh install or an upgrade? Upgrade

Version of Snipe-IT you're running Version v4.1.8-pre - build 3034 (master)

Version of PHP you're running PHP 5.6.30 (cli) (built: Aug 8 2017 12:20:45)

Version of MySQL/MariaDB you're running 5.7.20 MySQL

What OS and web server you're running Snipe-IT on macOS X 10.12.6

What method you used to install Snipe-IT (install.sh, manual installation, docker, etc) Manual with Git Pull

WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error No Error

What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error LDAP Configuration Login User LDAP Sync

Include what you've done so far in the installation, and if you got any error messages along the way. Current LDAP Configuration added as a attachment

" Connection to LDAP server established!" "Test LDAP Login Failed.***** did not successfully bind to LDAP."

Indicate whether or not you've manually edited any data directly in the database No change in the DB

[snipe]

@techincolor make sure the user is allowed to bind in your JumpCloud user settings.

[techincolor]

yes they are set to bind, i'm testing with two of our bind accounts.

[DanHelix]

Hello @snipe

@techincolor and I have this working via Jumpcloud, however...

It only works if we use shortname for username (i.e. fname.lname) instead of being able to use full email address.

When you test it, do you login in using shortname or email?

[snipe]

I think shortname only

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!