LDAP Authentication Problems

Added by Andrew Chanrasmi over 13 years ago

Hello,

I am trying to use LDAP authentication in redmine to bind with an existing database of accounts. My intention is that this would allow users to simply input their username and password through LDAP and be verified in that manner. The problems we are experiencing is that we are able to successfully connect to LDAP, but receive an "Invalid User or Password" when trying to verify against it. I am not quite sure where the problem lies, but it would be of great help if someone could lead us in the right direction. The information we use is:

Host: r.gted.gatech.edu

Port: 636
SSL: Required
URI: ldaps://r.gted.gatech.edu:636
Auentication type: simple binding
Bind DN: uid=marc-redmine-searcher,ou=Local Accounts,dc=gted,dc=gatech,dc=edu
Password: <kerberos password of marc-redmine-searcher>

Example base DN:

ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu

Example search filter:

(uid=em139)

and the included picture shows how we input the information into the LDAP Authentication on redmine. All help is appreciated.

(By the way, I am not very technologically inclined and don't quite understand databases, LDAP, and redmine all that well. I am working on this for where I work. So easy to understand explanations or directions would help too.)

Replies (3)

RE: LDAP Authentication Problems - Added by Andrew Chanrasmi over 13 years ago

Image won't upload so here is a link to it.
http://s6.photobucket.com/albums/y225/Blakrazor/?action=view&current=LDAP.jpg

RE: LDAP Authentication Problems - Added by Andrew Chanrasmi over 13 years ago

Note: The following are the procedures to be able to access LDAP. Would this be possible on redmine to authenticate in this fashion?

Follow this procedure to perform GT account authentication via LDAP:

1. Get the GT account of the user (e.g. jclough).

2. Find that account's DN in GTED by using your marc-redmine-searcher

account as shown above. An example DN that might be returned is

"gtDirGUID=726095492A7CC30E493BB64CFBDF6BED,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu".

3. Get the user's password from the user. IT IS YOUR RESPONSIBILITY TO

MAINTAIN SECURE CONTROL OF THIS PASSWORD WHILE YOU HAVE IT AND TO WIPE

IT FROM MEMORY AS SOON AS POSSIBLE.

4. Use the DN retrieved in step 2 and the password from step 3 to bind

to GTED again. If the bind succeeds, the password is correct.

RE: LDAP Authentication Problems - Added by Andy P over 13 years ago

I've had LDAP working against our Windows AD for some time now. I checked my settings and the only difference I can see that might help you is that I have the login account name preceded by the Windows domain name.

If your environment is similar to ours then try doing the same. So, instead of

marc-redmine-searcher

try

DOMAIN\marc-redmine-searcher

where DOMAIN is, of course, the name of your domain.

(1-3/3)

Project

General

Profile

Redmine