LDAP Authentication Problems
Added by Andrew Chanrasmi almost 15 years ago
Hello,
I am trying to use LDAP authentication in redmine to bind with an existing database of accounts. My intention is that this would allow users to simply input their username and password through LDAP and be verified in that manner. The problems we are experiencing is that we are able to successfully connect to LDAP, but receive an "Invalid User or Password" when trying to verify against it. I am not quite sure where the problem lies, but it would be of great help if someone could lead us in the right direction. The information we use is:
Port: 636Host: r.gted.gatech.edu
SSL: Required
URI: ldaps://r.gted.gatech.edu:636
Auentication type: simple binding
Bind DN: uid=marc-redmine-searcher,ou=Local Accounts,dc=gted,dc=gatech,dc=edu
Password: <kerberos password of marc-redmine-searcher>
ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=eduExample base DN:
(uid=em139)Example search filter:
and the included picture shows how we input the information into the LDAP Authentication on redmine. All help is appreciated.
(By the way, I am not very technologically inclined and don't quite understand databases, LDAP, and redmine all that well. I am working on this for where I work. So easy to understand explanations or directions would help too.)
Replies (3)
RE: LDAP Authentication Problems
-
Added by Andrew Chanrasmi almost 15 years ago
Image won't upload so here is a link to it.
http://s6.photobucket.com/albums/y225/Blakrazor/?action=view¤t=LDAP.jpg
RE: LDAP Authentication Problems
-
Added by Andrew Chanrasmi almost 15 years ago
Note: The following are the procedures to be able to access LDAP. Would this be possible on redmine to authenticate in this fashion?
Follow this procedure to perform GT account authentication via LDAP:
1. Get the GT account of the user (e.g. jclough).
2. Find that account's DN in GTED by using your marc-redmine-searcher
account as shown above. An example DN that might be returned is
"gtDirGUID=726095492A7CC30E493BB64CFBDF6BED,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu".
3. Get the user's password from the user. IT IS YOUR RESPONSIBILITY TO
MAINTAIN SECURE CONTROL OF THIS PASSWORD WHILE YOU HAVE IT AND TO WIPE
IT FROM MEMORY AS SOON AS POSSIBLE.
4. Use the DN retrieved in step 2 and the password from step 3 to bind
to GTED again. If the bind succeeds, the password is correct.
RE: LDAP Authentication Problems
-
Added by Andy P almost 15 years ago
I've had LDAP working against our Windows AD for some time now. I checked my settings and the only difference I can see that might help you is that I have the login account name preceded by the Windows domain name.
If your environment is similar to ours then try doing the same. So, instead of
marc-redmine-searcher
try
DOMAIN\marc-redmine-searcher
where DOMAIN is, of course, the name of your domain.