search

snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0
11.04k stars 3.18k forks source link

Ldap sync works, but logging do not #8684

Open pawel-zajac90 opened 3 years ago

pawel-zajac90 commented 3 years ago

Please confirm you have done the following before posting your bug report:

Describe the bug Hi, i've just installed snipe-it v.5.0.4 (PHP version 7.2.24-0ubuntu0.18.04.7 , Laravel version 6.18.10 ) and i've got problem with ldap logging. Sync works great, but users can't log in with ldap cretentials. So i've tried other Ldap authorization keys, but...still nothing. I tried to enable DEBUG mode (APP_DEBUG=true & service restart, also container restart ). I don't have got any icon or window (like docs says). I don't have got ldap login test icon in ldap settings. I was looking on many many pages, but none answer works for me.

To Reproduce Steps to reproduce the behavior:

  1. Go to LDAP settings
  2. Set LDAP credentials
  3. Save config
  4. Test users sync.
  5. Import Users with LDAP
  6. Try to log in with ldap credentials
  7. See an error

Expected behavior Log in with LDAP credentials.

Server (please complete the following information):

Desktop (please complete the following information):

Additional context

welcome[bot] commented 3 years ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

mstefan21 commented 3 years ago

Hi we have a same problem and our solutions was:

And all is working, we can see all peoples from "ou=people,dc=example,dc=org" in assets and only peoples with AccounActive=TRUE can login

pawel-zajac90 commented 3 years ago

I've only active users in this group, so i'm not using LDAP active flag... my LDAP Filter is &(cn=*) and LDAP Authentication query is uid so it should work...

but still nothing. After many other configs sync still works, but login with ldap not...

uberbrady commented 3 years ago

Try some of the tips here: https://snipe-it.readme.io/docs/advanced-debugging

It's possible that you're doing a config-cache (though I built the docker integration, and it doesn't do that unless you make it do that). The usual way to inject docker env-vars into your environment is to set them in your docker-env file and then re-launch your container (to make completely sure that the new variables are picked up).

Alternatively, you can connect to your container and inject the env-vars directly into the .env file in /var/www/html/.env

I would do that for testing but I wouldn't want to run it that way, though. The moment you upgrade your container, your customizations will disappear.

Snipe-IT Documentation
Advanced Debugging
Snipe-IT ships with the Laravel Debugbar, an amazing piece of software that lets you introspect much further into the framework and application to troubleshoot issues that may be a little harder to track down. To enable the debugbar, set the following in your .env file, and clear your config cache:...
uberbrady commented 3 years ago

We had a problem before where, if we had too many blank attributes defined in the LDAP settings, then the LDAP query would fail. We fixed that, and I think that's on Master. I don't think we've rolled a release out for that yet, however.

uberbrady commented 3 years ago

(It is actually on a release now; v5.0.7)

uchida140964 commented 3 years ago

I'm having the same problem.

Describe the bug In v4.9.5, I was able to login with LDAP sync successfully. In v5.0.11, the LDAP sync finishes successfully and the user is created, but I cannot login with LDAP authentication.

When I run Test LDAP Sync on the LDAP configuration page with the same settings as I was running on v4.9.5, I get the following error message. 500 Server Error. Please check your server logs for more information.

And I removed the LDAP active flag and set the LDAP Filter based on mstefan21's comment. I was able to connect to the LDAP server with Test LDAP Sync, but nothing is displayed except the header in the 10 users example.

To Reproduce Steps to reproduce the behavior:

  1. Go to LDAP settings
  2. Set LDAP credentials
  3. Save config
  4. Test users sync
  5. Import Users with LDAP in Command-Line
  6. Try to log in with LDAP credentials
  7. See an error

Expected behavior I am able to login with LDAP sync successfully.

Screenshots If applicable, add screenshots to help explain your problem.

Server (please complete the following information):

Desktop (please complete the following information):

Additional context

Add any other context about the problem here.

Any help would be greatly appreciated.

uberbrady commented 3 years ago

Can you connect to the container and check out storage/logs/laravel.log - and let me know what you see there (near the end?)

uchida140964 commented 3 years ago

@uberbrady there is no storage/logs/laravel.log. In debug mode, some logs were found. Test LDAP Sync image Test LDAP Login image

snipe commented 3 years ago

There should definitely be storage/logs/laravel.log - is the storage and all subdirectories writable?

uberbrady commented 3 years ago

If you connect to your container using something like: docker exec -t -i snipeit /bin/bash

Then you should see a directory like /var/www/html/storage/logs - look for laravel.log in there. Nothing?

uchida140964 commented 3 years ago

I restarted the container and confirmed that laravel.log exists, but when I run Test LDAP Sync again, the log that was displayed in debug mode is not written. Import errors, etc. are written to laravel.log, so I don't think permission to write is a problem. Is it a log level issue?

uchida140964 commented 3 years ago

Resolved. Just check the "Append domain name to username field" checkbox, and it works the same as it did in v4.9.5. Thank you very much. image