Open ghost opened 6 years ago
Hi @usernotuse, I noticed that you are using ldap://; usually that is not a server where you can authenticate (as the password would travel unprotected). In order for your system to work, you should be able to run the following commands from your Linux command line:
ldapsearch -x -H "ldaps://ldap.domain.com:636" -D "CN=aValidUsername,OU=Users,OU=Organic Units,DC=domain,DC=com" -W -b "OU=Users,OU=Organic Units,DC=domain,DC=com" '(uid=yourUsersUsername)'
Where the -D is needed to identify you to grant you permission to "search" in the LDAP directory, and that should go in the LDAP_AUTHENTIFICATION_USERDN configuration variable. The corresponding user password is LDAP_AUTHENTIFICATION_PASSWORD. The -b part instead goes in LDAP_BASEDN. If the login is encrypted via SSL (ldaps://), then LDAP_ENCRYPTION=ssl. It is also possible that your LDAP server allows you to browse the directory anonymously, in which case I do not know the exact syntax, but that is easier. Once you succeed at the first step, you should get the full record of the user that wants to log in. One line is important: the one that says
dn: CN=yourUsersUsername,OU=Users,OU=Organic Units,DC=domain,DC=com
or something similar. We will use that DistinguishedName to try and authenticate your user. This is done with another command:
ldapwhoami -x -H "ldaps://ldap.domain.com:636" -D "CN=yourUsersUsername,OU=Users,OU=Organic Units,DC=domain,DC=com" -W && echo all is ok
If you type the user's password here and you get the message "all is OK", then you have all the parameters you need to configure the LDAP login.
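The search-then-bind check described in the comment above, as an added example that is not part of the original comment or of Wekan. It assumes the OpenLDAP client tools, awk and base64 are installed; the function names and the sample LDIF are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Wekan code. Host, DNs and uid are the placeholders from the comment above.

# Refuse anything but ldaps:// so the bind password is never sent in cleartext.
require_ldaps() {
    case "$1" in
        ldaps://*) return 0 ;;
        *) echo "refusing non-TLS URI: $1" >&2; return 1 ;;
    esac
}

# Only allow login names that cannot alter the (uid=...) search filter.
safe_uid() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) echo "unsafe uid: $1" >&2; return 1 ;;
    esac
}

# Read ldapsearch LDIF on stdin and print the first entry's DN.
# Handles folded lines (continuation starts with one space) and base64 "dn:: " values.
extract_dn() {
    dn_line=$(awk '
        function emit() { if (!done && cur ~ /^dn::? /) { print cur; done = 1 } }
        /^ / { cur = cur substr($0, 2); next }
        { emit(); cur = $0 }
        END { emit() }')
    case "$dn_line" in
        "dn:: "*) printf '%s' "${dn_line#dn:: }" | base64 -d && echo ;;
        "dn: "*)  printf '%s\n' "${dn_line#dn: }" ;;
        *) echo "no dn in search result" >&2; return 1 ;;
    esac
}

# Constructed sample of ldapsearch -LLL output with the dn folded across two lines.
sample_ldif() {
    printf '%s\n' 'dn: CN=yourUsersUsername,OU=Users,OU=Organic Units,DC=doma' \
                  ' in,DC=com' 'uid: yourUsersUsername'
}

# Step 1: search as the service account. Step 2: bind as the DN that was found.
# $1=URI  $2=search bind DN  $3=base DN  $4=uid   (-W prompts for each password)
verify_login() {
    require_ldaps "$1" && safe_uid "$4" || return 1
    user_dn=$(ldapsearch -x -LLL -H "$1" -D "$2" -W -b "$3" "(uid=$4)" 1.1 | extract_dn) || return 1
    ldapwhoami -x -H "$1" -D "$user_dn" -W && echo "all is ok"
}
```

The DN printed by `extract_dn` is the value to bind with in step 2; the search bind DN, its password and the base DN passed to `verify_login` are what go into LDAP_AUTHENTIFICATION_USERDN, LDAP_AUTHENTIFICATION_PASSWORD and LDAP_BASEDN.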
Issue
Server Setup Information:
I am trying to get LDAP working for Wekan and getting the following issue. LDAP is connected. The user sync doesn't work.
Any ideas? Thanx!
Greetings,
Erik