LDAP installation problem

Added by Praphan Theeravanvilai over 11 years ago

I try to config on-the-fly user creation by config to my Active Directory Server, but cannot sign in.
The error message is Invalid user and password.
My config
Name = redmine
Host = win2003entr2
Port = 389
LDAPS = no
Account =
Password = xxxxxxxxxxx
Base DN = CN=users,DC=testgroup,DC=com

On-the-fly user creation = yes
Attributes
Login = sAMAccountName
Firstname = givenName
Lastname = sN
Email = mail

login user :
Password = xxxxxxxxxxx

I use redmine 0.71.
Thanks in advance for any help.

Replies (12)

RE: LDAP installation problem - Added by Yanoksy Durañona Yero over 11 years ago

Try filling the Account field in the way domain\user_account; it works for me.

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

Still not working.
I change the account field to
Account = testgroup\administrator
Then I login as testgroup\user1 or , Redmine still complain about invalid user or password.
Any suggestion would be appreciate.
Thanks you for the reply and the future replies.
Please help

RE: LDAP installation problem - Added by Yanoksy Durañona Yero over 11 years ago

Check your Base DN, maybe the CN = Users is not defined or is in other location like this Base DN = OU=Admin Users,OU=Our Domain Users,DC=testgroup,DC=com.

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

Thanks for your help.
It is still not working.
I put
Base DN = OU=Admin Users,OU=Our Domain Users,DC=testgroup,DC=com
And login, same message.
What command in windows 2003 that I can check whether I have CN or OU?
Do I have to create the directory in server and apply security right for redmine users, if this case do I have to put the name of the directory somewhere in Base DN, now I'm not set anything.
Sorry for these basic questions, I'm newbie in Active Directory and LDAP.
Khob Khun Krub (Thanks you very much in Thai) again

RE: LDAP installation problem - Added by Yanoksy Durañona Yero over 11 years ago

Try Ldap Admin Tool, it's free to download and test, connect to the AD using de Base DN = DC=testgroup,DC=com and explore the OUs looking for the distingishedName of the location where the AD users resides.

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

Ldap Admin Tool is quite a good and simple Tools
Here is what I got.
Connect by Base DN = CN=users,DC=testgroup,DC=com
Attributes
sAMAccountName=user1
givenName=User1
sN=Lastname1
mail=
Look like everything OK, I think the Server and the connection by Base DN is OK.
But the login is still not working, same message.
Here is the log from production.log

Please advice what I can do next

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

Sorry wrong click, let's start again.

Ldap Admin Tool is quite a good and simple Tools

Here is what I got.
Connect by Base DN = CN=users,DC=testgroup,DC=com
Attributes
sAMAccountName=user1
givenName=User1
sN=Lastname1
mail=

Look like everything OK, I think the Server and the connection by Base DN is OK.

But the login is still not working, same message.

Here is the log from production.log
Processing AccountController#login (for 127.0.0.1 at 2008-05-28 07:44:39) [POST]
Session ID: 25a8f2957d70cff0f2def08febc2b028
Parameters: {"action"=>"login", "username"=>"testgroup\\user2", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login »"}
Rendering template within layouts/base
Rendering account/login
Completed in 0.04700 (21 reqs/sec) | Rendering: 0.01600 (34%) | DB: 0.00000 (0%) | 200 OK [http://localhost/login]

Processing AccountController#login (for 127.0.0.1 at 2008-05-28 07:44:56) [POST]
Session ID: 25a8f2957d70cff0f2def08febc2b028
Parameters: {"action"=>"login", "username"=>"", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login »"}
Rendering template within layouts/base
Rendering account/login
Completed in 0.03200 (31 reqs/sec) | Rendering: 0.00000 (0%) | DB: 0.00000 (0%) | 200 OK [http://localhost/login]

Please advice what I can do next.
Thanks thanks in advance.

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

One more detail, when login Ldapadmin I have to select GSS-API without SSL or SASL, Simple authentication choice not work, with or without SSL.

RE: LDAP installation problem - Added by glen geisen over 11 years ago

so to be clear you CAN authenticate against your LDAP server using LDAPadmin with credentials:
Account =
Password = xxxxxxxxxxx
Base DN = CN=users,DC=testgroup,DC=com

Correct?

RE: LDAP installation problem - Added by Praphan Theeravanvilai over 11 years ago

Yes I can authenticate against my LDAP Server using LDAPadmin with
Accoun =
password = xxxxxxx
Base DN = CN=users,DC=testgroup,DC=com
I can see the user accounts and all its attributes.
Something different, now I can login with simple authentication if I use ''.
Previously I use 'administrator', in this case I need to use GSS-API authentication without SSL or SASL.
Any suggestion ?

RE: LDAP installation problem - Added by Roderick Taylor about 11 years ago

I'm seeing the exact same issue with our Windows 2003 Small Business Server Domain controller. LdapAdmin can connect only when gss-api is checked and not with simple encryption. Looking at Ruby's Net::LDAP module that Redmine uses, it seems to only be able to do simple authentication. Has anyone got any further with this?

Removed spam - Added by CablimilisH CablimilisH about 10 years ago

Spam removed by Mischa...

(1-12/12)