Open ledufakademy opened 3 years ago
xet7
commented
3 years ago Is this related to https://github.com/wekan/wekan/commit/1a049e44991ccaff65abbcee5021b4cf939e8f17#commitcomment-46120981 or https://github.com/wekan/wekan-ldap/issues/86 ?
@Sancretor what do you think?
Sancretor
commented
3 years ago @xet7 Could be... or a missing piece of configuration.
@ledufakademy You should have a look at your Wekan & OpenLdap logs to see if it matches the issue linked above. Otherwise, could you share your LDAP configuration for Wekan please ?
xet7
commented
3 years ago LDAP examples are at https://github.com/wekan/wekan/wiki/LDAP
ledufakademy
commented
3 years ago Here is the conf (snap get wekan , and where can i see the conf file instead of that ?) :
Note : as you can see group admin or filtering is disable , because not working ... Wekan is bind to Active Directory.
board-default-language FR default-authentication-method ldap ldap-authentication true ldap-authentication-password PassW0rd ldap-authentication-userdn CN=BindWekan,DC=exemple,DC=com ldap-background-sync false ldap-background-sync-import-new-users false ldap-background-sync-interval every 5 minute ldap-background-sync-keep-existant-users-updated false ldap-basedn DC=exemple,DC=com ldap-connect-timeout 10000 ldap-default-domain mail.exemple.com ldap-enable true ldap-encryption false ldap-fullname-field cn ldap-group-filter-enable false ldap-group-filter-group-member-format dn ldap-group-filter-group-name GRP_WEKAN_USERS ldap-group-filter-id-attribute cn ldap-group-filter-member-attribute member ldap-group-filter-objectclass group ldap-host 10.xx.yy.zz ldap-idle-timeout 10000 ldap-log-enabled true ldap-login-fallback false ldap-port 389 ldap-reconnect true ldap-search-page-size 0 ldap-search-size-limit 0 ldap-sync-admin-groups GRP_WEKAN_ADMINS ldap-sync-admin-status false ldap-sync-user-data true ldap-timeout 10000 ldap-unique-identifier-field sAMAccountName ldap-user-search-field sAMAccountName ldap-user-search-filter (&(objectClass=user)(memberOf=CN=GRP_WEKAN-USERS,OU=Applicatifs,OU=Groupes,DC=exemple,DC=com)) ldap-user-search-scope sub ldap-username-field sAMAccountName mail-from Projets Wekan Support <projets.wekan@exemple.com mail-url smtps://notifications@exemple.com:password1@mail.exemple.com:587/ root-url https://wekan.exemple.com
`thanks for your answers ;-)
veloprofz
commented
1 year ago how to turn on the option so that ldap authentication appears in the admin panel?
xet7
commented
1 year ago @veloprofz
https://github.com/wekan/wekan/wiki/LDAP
sudo snap set wekan ldap-enable='true'
https://github.com/wekan/wekan/blob/master/docker-compose.yml#L488
i try everything with conf. but i can't achieve to only allow login/access for users that are member of a dedicated active directory group. Is it a bug ? i try group filter , search user filter ... nothing is working with wekan. Does someone as a working conf ? (i'm using snap install on debian 10)