Closed LM1LC3N7 closed 5 years ago
I still don't know why this error is generated, but I have changed my LDAP configuration and it is gone.
I assume that this is related to a bad configuration on the USERDN. I have removed ou=SERVICE-ACCOUNTS
.
Now, I have to understand how to configure a subtree search to find my user.
Hi,
I have the same issue and can't get past it.
Wekan version: 4.17.0 Operating System: Windows 10 professional Node version: 12.18.2
My start-wekan.bat config:
SET LDAP_ENABLE=true
SET LDAP_PORT=389
SET LDAP_HOST=MyLdapHost
SET LDAP_BASEDN=OU=xxx,DC=xxx,DC=xxx
SET LDAP_LOGIN_FALLBACK=false
SET LDAP_RECONNECT=true
SET LDAP_TIMEOUT=10000
SET LDAP_IDLE_TIMEOUT=10000
SET LDAP_CONNECT_TIMEOUT=10000
SET LDAP_AUTHENTIFICATION=true
SET LDAP_AUTHENTIFICATION_USERDN=CN=ldapUser,CN=Users,DC=xxx,DC=xxx
SET LDAP_AUTHENTIFICATION_PASSWORD=XXXXXX
SET LDAP_LOG_ENABLED=true
SET LDAP_BACKGROUND_SYNC=true
SET LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
SET LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
SET LDAP_ENCRYPTION=tls
SET LDAP_USER_AUTHENTICATION=false
SET LDAP_USER_AUTHENTICATION_FIELD=sAMAccountName
SET LDAP_USER_SEARCH_SCOPE=sub
SET LDAP_USER_SEARCH_FIELD=sAMAccountName
SET LDAP_SEARCH_PAGE_SIZE=0
SET LDAP_SEARCH_SIZE_LIMIT=0
SET LDAP_UTF8_NAMES_SLUGIFY=true
SET LDAP_USERNAME_FIELD=sAMAccountName
SET LDAP_FULLNAME_FIELD=displayName
SET LDAP_EMAIL_MATCH_ENABLE=false
SET LDAP_EMAIL_MATCH_REQUIRE=false
SET LDAP_EMAIL_MATCH_VERIFIED=true
SET LDAP_EMAIL_FIELD=userPrincipalName
SET LDAP_SYNC_USER_DATA=true
SET LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "userPrincipalName":"email"}
SET LDAP_DEFAULT_DOMAIN=xxxx.xx
SET LDAP_SYNC_ADMIN_STATUS=true
SET LDAP_SYNC_ADMIN_GROUPS='EDV'
This is my output while trying to login to wekan:
[INFO] Init LDAP login "MyUser"
[WARN] Lookup for unset variable: LDAP_REJECT_UNAUTHORIZED
[WARN] Lookup for unset variable: INTERNAL_LOG_LEVEL
[WARN] Lookup for unset variable: LDAP_USER_ATTRIBUTES
[WARN] Lookup for unset variable: LDAP_USER_SEARCH_FILTER
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_ENABLE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_OBJECTCLASS
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT
[WARN] Lookup for unset variable: LDAP_GROUP_FILTER_GROUP_NAME
[INFO] Init setup
[INFO] Connecting "ldap://MyLdapHost:389"
[DEBUG] connectionOptions{
url: 'ldap://MyLdapHost:389',
timeout: 10000,
connectTimeout: 10000,
idleTimeout: 10000,
reconnect: true,
log: Logger {
_events: [Object: null prototype] {},
_eventsCount: 0,
_maxListeners: undefined,
_level: 30,
streams: [ [Object] ],
serializers: null,
src: false,
fields: {
name: 'ldapjs',
component: 'client',
hostname: 'wekanserver',
pid: 1588
},
[Symbol(kCapture)]: false
}
}
[INFO] Starting TLS
[DEBUG] tlsOptions {
"rejectUnauthorized": false,
"ca": [
"-----BEGIN CERTIFICATE-----MIIGJzCCBQ+gAwIBAgITWQAAC1cr/gzK/uWY2AAKAA.....-----END CERTIFICATE-----"
],
"host": "MyLdapHost"
}
[INFO] TLS connected
[INFO] Binding UserDN "CN=ldapUser,CN=Users,DC=xxx,DC=xxx"
[ERROR] TypeError: Cannot read property '0' of undefined
Thank you for your help!
Cheers!
I found the problem for this but couldn't find a fix till now.
The message [ERROR] TypeError: Cannot read property '0' of undefined
is connected to the setting LDAP_USER_SEARCH_FILTER
.
If you active the log level "debug" with SET INTERNAL_LOG_LEVEL=debug
and set the variable SET LDAP_USER_SEARCH_FILTER=""
you can see the following entry:
[DEBUG] searchOptions {
"filter": "(&(\"\")(\"sAMAccountName\"=login))",
"scope": "\"sub\"",
"sizeLimit": 0
}
But then you get this error:
[ERROR] Error: "" is invalid
Hello,
I am trying to configure wekan to connect to my LDAP server, but I am stuck on an error:
Did you test in newest Wekan?: Yes Wekan version: latest (master) Operating System: CentOS Deployment Method: Source
Here the full output when I am trying to log in:
I am using the last version (master) of:
I am using the following LDAP configuration:
Did you know the cause of this error, or a workaround?
Thanks 😄