wekan / ldap

LDAP support for Wekan code has been moved to https://github.com/wekan/wekan/tree/master/packages/wekan-ldap , issues to https://github.com/wekan/wekan/issues , and if PRs are needed please add them instead to https://github.com/wekan/wekan/pulls
MIT License

[ERROR] TypeError: Cannot read property '0' of undefined #27

Closed LM1LC3N7 closed 5 years ago

LM1LC3N7 commented 5 years ago

Hello,

I am trying to configure wekan to connect to my LDAP server, but I am stuck on an error:

Nov 28 12:00:35 myserver.local wekan[14042]: [ERROR] TypeError: Cannot read property '0' of undefined

Did you test in newest Wekan?: Yes
Wekan version: latest (master)
Operating System: CentOS
Deployment Method: Source

Here is the full output when I am trying to log in:

Nov 28 12:00:34 myserver.local wekan[14042]: [INFO] Init LDAP login "testuser"
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_CA_CERT
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_USER_SEARCH_FILTER
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_USER_SEARCH_SCOPE
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_GROUP_FILTER_OBJECTCLASS
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT
Nov 28 12:00:34 myserver.local wekan[14042]: [WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_NAME
Nov 28 12:00:34 myserver.local wekan[14042]: [INFO] Init setup
Nov 28 12:00:34 myserver.local wekan[14042]: [INFO] Connecting "ldap://192.168.X.X:389"
Nov 28 12:00:34 myserver.local wekan[14042]: [DEBUG] connectionOptions{ url: 'ldap://192.168.X.X:389',
Nov 28 12:00:34 myserver.local wekan[14042]: timeout: 15000,
Nov 28 12:00:34 myserver.local wekan[14042]: connectTimeout: 15000,
Nov 28 12:00:34 myserver.local wekan[14042]: idleTimeout: 15000,
Nov 28 12:00:34 myserver.local wekan[14042]: reconnect: true,
Nov 28 12:00:34 myserver.local wekan[14042]: log:
Nov 28 12:00:34 myserver.local wekan[14042]: Logger {
Nov 28 12:00:34 myserver.local wekan[14042]: domain: null,
Nov 28 12:00:34 myserver.local wekan[14042]: _events: {},
Nov 28 12:00:34 myserver.local wekan[14042]: _eventsCount: 0,
Nov 28 12:00:34 myserver.local wekan[14042]: _maxListeners: undefined,
Nov 28 12:00:34 myserver.local wekan[14042]: _level: 20,
Nov 28 12:00:34 myserver.local wekan[14042]: streams: [ [Object] ],
Nov 28 12:00:34 myserver.local wekan[14042]: serializers: null,
Nov 28 12:00:34 myserver.local wekan[14042]: src: false,
Nov 28 12:00:34 myserver.local wekan[14042]: fields:
Nov 28 12:00:34 myserver.local wekan[14042]: { name: 'ldapjs',
Nov 28 12:00:34 myserver.local wekan[14042]: component: 'client',
Nov 28 12:00:34 myserver.local wekan[14042]: hostname: 'myserver.local',
Nov 28 12:00:34 myserver.local wekan[14042]: pid: 14042 } } }
Nov 28 12:00:35 myserver.local wekan[14042]: [INFO] LDAP connected
Nov 28 12:00:35 myserver.local wekan[14042]: [INFO] Binding UserDN "cn=cs-wekan,ou=SERVICE-ACCOUNTS,dc=mydc,dc=local"
Nov 28 12:00:35 myserver.local wekan[14042]: {"name":"ldapjs","component":"client","hostname":"myserver.local","pid":14042,"clazz":"Client","ldap_id":"5__ldap://192.168.X.X:389","level":20,"msg":"connected after 1 attempt(s)","time":"2018-11-28T11:00:35.042Z","v":0}
Nov 28 12:00:35 myserver.local wekan[14042]: [ERROR] TypeError: Cannot read property '0' of undefined
Nov 28 12:00:36 myserver.local wekan[14042]: [INFO] Idle
Nov 28 12:00:36 myserver.local wekan[14042]: [INFO] Disconecting
Nov 28 12:00:36 myserver.local wekan[14042]: [INFO] Closed

I am using the last version (master) of:

I am using the following LDAP configuration:

LDAP_ENABLE=true
LDAP_PORT=389
LDAP_HOST=192.168.X.X
LDAP_BaseDN=ou=user,dc=mydc,dc=local
LDAP_ENCRYPTION=false
LDAP_LOGIN_FALLBACK=false
LDAP_RECONNECT=true
LDAP_TIMEOUT=15000
LDAP_IDLE_TIMEOUT=15000
LDAP_CONNECT_TIMEOUT=15000
LDAP_AUTHENTIFICATION=true
LDAP_AUTHENTIFICATION_USERDN=cn=cs-wekan,ou=SERVICE-ACCOUNTS,dc=mydc,dc=local
LDAP_AUTHENTIFICATION_PASSWORD=STRONGPASSWORD
LDAP_INTERNAL_LOG_LEVEL=debug
LDAP_LOG_ENABLED=true
LDAP_BACKGROUND_SYNC=true
LDAP_BACKGROUND_SYNC_INTERVAL=3600000
LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
LDAP_USER_SEARCH_FIELD=upn
LDAP_SEARCH_PAGE_SIZE=0
LDAP_SEARCH_SIZE_LIMIT=1000
LDAP_GROUP_FILTER_ENABLE=true
LDAP_USERNAME_FIELD=username
LDAP_MERGE_EXISTING_USERS=true
LDAP_SYNC_USER_DATA=true
LDAP_DEFAULT_DOMAIN=mydomain.tld

Do you know the cause of this error, or a workaround?

Thanks 😄

LM1LC3N7 commented 5 years ago

I still don't know why this error is generated, but I have changed my LDAP configuration and it is gone.

I assume that this is related to a bad configuration on the USERDN. I have removed ou=SERVICE-ACCOUNTS.

Now, I have to understand how to configure a subtree search to find my user.

mweiss237 commented 4 years ago

Hi,

I have the same issue and can't get past it.

Wekan version: 4.17.0
Operating System: Windows 10 professional
Node version: 12.18.2

My start-wekan.bat config:

SET LDAP_ENABLE=true
SET LDAP_PORT=389
SET LDAP_HOST=MyLdapHost
SET LDAP_BASEDN=OU=xxx,DC=xxx,DC=xxx
SET LDAP_LOGIN_FALLBACK=false
SET LDAP_RECONNECT=true
SET LDAP_TIMEOUT=10000
SET LDAP_IDLE_TIMEOUT=10000
SET LDAP_CONNECT_TIMEOUT=10000
SET LDAP_AUTHENTIFICATION=true
SET LDAP_AUTHENTIFICATION_USERDN=CN=ldapUser,CN=Users,DC=xxx,DC=xxx
SET LDAP_AUTHENTIFICATION_PASSWORD=XXXXXX
SET LDAP_LOG_ENABLED=true
SET LDAP_BACKGROUND_SYNC=true
SET LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
SET LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
SET LDAP_ENCRYPTION=tls
SET LDAP_USER_AUTHENTICATION=false
SET LDAP_USER_AUTHENTICATION_FIELD=sAMAccountName
SET LDAP_USER_SEARCH_SCOPE=sub
SET LDAP_USER_SEARCH_FIELD=sAMAccountName
SET LDAP_SEARCH_PAGE_SIZE=0
SET LDAP_SEARCH_SIZE_LIMIT=0
SET LDAP_UTF8_NAMES_SLUGIFY=true
SET LDAP_USERNAME_FIELD=sAMAccountName
SET LDAP_FULLNAME_FIELD=displayName
SET LDAP_EMAIL_MATCH_ENABLE=false
SET LDAP_EMAIL_MATCH_REQUIRE=false
SET LDAP_EMAIL_MATCH_VERIFIED=true
SET LDAP_EMAIL_FIELD=userPrincipalName
SET LDAP_SYNC_USER_DATA=true
SET LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "userPrincipalName":"email"}
SET LDAP_DEFAULT_DOMAIN=xxxx.xx
SET LDAP_SYNC_ADMIN_STATUS=true
SET LDAP_SYNC_ADMIN_GROUPS='EDV'

This is my output while trying to login to wekan:

[INFO] Init LDAP login "MyUser"
[WARN] Lookup for unset variable: LDAP_REJECT_UNAUTHORIZED
[WARN] Lookup for unset variable: INTERNAL_LOG_LEVEL
[WARN] Lookup for unset variable: LDAP_USER_ATTRIBUTES
[WARN] Lookup for unset variable: LDAP_USER_SEARCH_FILTER
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_ENABLE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_OBJECTCLASS
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_NAME
[INFO] Init setup
[INFO] Connecting "ldap://MyLdapHost:389"
[DEBUG] connectionOptions{
  url: 'ldap://MyLdapHost:389',
  timeout: 10000,
  connectTimeout: 10000,
  idleTimeout: 10000,
  reconnect: true,
  log: Logger {
    _events: [Object: null prototype] {},
    _eventsCount: 0,
    _maxListeners: undefined,
    _level: 30,
    streams: [ [Object] ],
    serializers: null,
    src: false,
    fields: {
      name: 'ldapjs',
      component: 'client',
      hostname: 'wekanserver',
      pid: 1588
    },
    [Symbol(kCapture)]: false
  }
}
[INFO] Starting TLS
[DEBUG] tlsOptions {
  "rejectUnauthorized": false,
  "ca": [
    "-----BEGIN CERTIFICATE-----MIIGJzCCBQ+gAwIBAgITWQAAC1cr/gzK/uWY2AAKAA.....-----END CERTIFICATE-----"
  ],
  "host": "MyLdapHost"
}
[INFO] TLS connected
[INFO] Binding UserDN "CN=ldapUser,CN=Users,DC=xxx,DC=xxx"
[ERROR] TypeError: Cannot read property '0' of undefined

Thank you for your help!

Cheers!

mweiss237 commented 4 years ago

I found the problem for this but couldn't find a fix till now. The message [ERROR] TypeError: Cannot read property '0' of undefined is connected to the setting LDAP_USER_SEARCH_FILTER. If you activate the log level "debug" with SET INTERNAL_LOG_LEVEL=debug and set the variable SET LDAP_USER_SEARCH_FILTER="" you can see the following entry:

[DEBUG] searchOptions { 
  "filter": "(&(\"\")(\"sAMAccountName\"=login))",
  "scope": "\"sub\"",
  "sizeLimit": 0
}

But then you get this error:

[ERROR] Error: "" is invalid
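
The debug output in the last comment shows literal quote characters inside the filter and scope values. As an added example (not part of the thread and not Wekan's own code), the hypothetical helpers `cleanEnvValue`, `escapeFilterValue` and `buildUserFilter` below show one defensive way to normalize such settings and build the user search filter, with the login name escaped per RFC 4515; only the variable names are taken from the thread.

```javascript
// Added example: hypothetical helpers, not code from wekan-ldap.

// Drop one pair of wrapping quotes left in a value, e.g. by cmd.exe
// `SET NAME="x"`, which stores the quotes as part of the value.
function cleanEnvValue(raw) {
  if (raw === undefined || raw === null) return undefined;
  const v = String(raw).trim();
  const m = /^(["'])(.*)\1$/.exec(v);
  const inner = m ? m[2].trim() : v;
  return inner === '' ? undefined : inner; // empty means "not set"
}

// Escape a value for use in an LDAP search filter (RFC 4515).
function escapeFilterValue(value) {
  return String(value).replace(/[\\*()\0]/g,
    (c) => '\\' + c.charCodeAt(0).toString(16).padStart(2, '0'));
}

// Build the user search filter from environment-style settings.
function buildUserFilter(env, login) {
  const field = cleanEnvValue(env.LDAP_USER_SEARCH_FIELD);
  if (!field || !/^[A-Za-z][A-Za-z0-9-]*$/.test(field)) {
    throw new Error('LDAP_USER_SEARCH_FIELD is missing or not an attribute name');
  }
  const parts = [];
  const extra = cleanEnvValue(env.LDAP_USER_SEARCH_FILTER);
  if (extra) parts.push(extra.startsWith('(') ? extra : `(${extra})`);
  parts.push(`(${field}=${escapeFilterValue(login)})`);
  return parts.length === 1 ? parts[0] : `(&${parts.join('')})`;
}

// Constructed sample mirroring the quoted values in the debug output above.
const sampleEnv = {
  LDAP_USER_SEARCH_FILTER: '""',
  LDAP_USER_SEARCH_FIELD: '"sAMAccountName"',
};
console.log(buildUserFilter(sampleEnv, 'MyUser'));
console.log(buildUserFilter(sampleEnv, 'a*)(uid=*'));
```

A quoted empty filter is treated as unset, and filter metacharacters in the login name are hex-escaped so they cannot change the structure of the query.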