ldap-auth fails, conn-tests in setup works

Added by Falk Schönfeld over 10 years ago

Hi,

I set up LDAP auth and the connection-test works fine. I can see the network packets with tcpdump.
But the web login fails and tcpdump shows no packets on the wire.

How to debug this setup? I'm not proficient in Ruby or Rails. Is there a Linux strace-like tool for Rails?

Cheers


Replies (6)

RE: ldap-auth fails, conn-tests in setup works - Added by Martin Denizet (redmine.org team member) over 10 years ago

I suggest you double check your setup before anything else.
  1. Your LDAP source seems good, I guess the problem is not there
  2. Double check your Base DN, might be CN=Users,DC=domain,DC=com
    You can use an LDAP browser to double check that
  3. Double check your "Login attribute" in Redmine LDAP conf, I suggest to use sAMAccountName (Active Directory)
  4. Your users should have the "Authentication Mode" set to your LDAP source
  5. If you use Login attribute sAMAccountName, make sure your Redmine username matches sAMAccountName
    sAMAccountName doesn't include the domain, such as DOMAIN\sAMAccountName or sAMAccountName@domain.com
  6. When you login, you should only use your sAMAccountName, not DOMAIN\sAMAccountName or sAMAccountName@domain.com
    When I login Redmine with LDAP, my username is "martin.denizet"

To troubleshoot you may want to be able to see the log scrolling:

tail -f /path/to/redmine/log/production.log

RE: ldap-auth fails, conn-tests in setup works - Added by Falk Schönfeld over 10 years ago

Thank you for your answer.

I think points 2 - 6 only take effect when there is an LDAP connection, but I think
there isn't, because of the missing traffic during login.

Like I said, there is traffic only if I test the connection via the admin panel.

Thank you for the hint about the log, here it is:

Started POST "/login" for 192.168.101.50 at 2013-10-16 10:44:19 +0200
Processing by AccountController#login as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"xxxxxxxxxxxxxxxxxxxxxxxxx", "back_url"=>"http://projekt:3000/login", "username"=>"fredfist", "password"=>"[FILTERED]", "login"=>"Anmelden »"}
Current user: anonymous
Failed login for 'fredfist' from 192.168.101.50 at 2013-10-16 08:44:19 UTC
Rendered account/login.html.erb within layouts/base (93.3ms)
Completed 200 OK in 682ms (Views: 250.9ms | ActiveRecord: 37.1ms)

Any ideas?

RE: ldap-auth fails, conn-tests in setup works - Added by Martin Denizet (redmine.org team member) over 10 years ago

If you are sure your user fredfist has the correct "Authentication Mode", I don't see why you would not get anything on the network.
I did this setup several times, never had a problem like that.
You could add log in the authentication function to make sure it is really trying to authenticate against LDAP.

RE: ldap-auth fails, conn-tests in setup works - Added by Falk Schönfeld over 10 years ago

You could add log in the authentication function to make sure it is really trying to authenticate against LDAP

How to do it?

RE: ldap-auth fails, conn-tests in setup works - Added by Martin Denizet (redmine.org team member) over 10 years ago

The switch between an Authentication Source and local DB is line 258 of app/models/user.rb in the check_password?(clear_password) method.
You can also add log there such as:

  def check_password?(clear_password)
    if auth_source_id.present?
      logger.info "Trying to authenticate '"+self.login+"' with auth source "+auth_source.name if logger
      auth_source.authenticate(self.login, clear_password)
    else
      logger.info "Trying to authenticate '"+self.login+"' using local DB" if logger
      User.hash_password("#{salt}#{User.hash_password clear_password}") == hashed_password
    end
  end

You will find the detail of the LDAP authentication in app/models/auth_source_ldap.rb.

To test, find the method authenticate(login, password) and modify such as:

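  def authenticate(login, password)
    # Added for debugging: confirms that the LDAP code path is actually reached
    logger.warn "Trying LDAP authentication for '#{login}' with LDAP source "+self.name if logger
    # ... rest of the original authenticate method stays unchanged ...
  end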

This is code for Redmine 2.3.3.
Please note that I didn't run this code, there could be a typo. Revert these changes after testing. Also you may not want to perform any hacks like that in a production setup!

RE: ldap-auth fails, conn-tests in setup works - Added by Falk Schönfeld over 10 years ago

Thank you Martin, now it works.

My fault was to think an LDAP account is enough.

Redmine needs its own users, which then authenticate against LDAP.

Switch on user creation on-the-fly and everything works fine.
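
The behaviour this thread arrives at, as an added example that is not part of the original posts and is not Redmine source code: a simplified model of the login decision that shows why a login can fail without any LDAP traffic. All class and method names (FakeLdapSource, LocalUser, try_login) and the sample data are assumptions made for this illustration.

```ruby
# Simplified, self-contained model of the login decision discussed in this thread.
# All names are hypothetical; this is not Redmine source code.

# Stand-in for an LDAP auth source; counts bind attempts instead of opening a socket.
class FakeLdapSource
  attr_reader :name, :onthefly, :bind_attempts

  def initialize(name, directory, onthefly: false)
    @name = name
    @directory = directory # constructed sample data: login => password
    @onthefly = onthefly   # models the "on-the-fly user creation" setting
    @bind_attempts = 0
  end

  def authenticate(login, password)
    @bind_attempts += 1    # this is the point where tcpdump would show packets
    @directory[login] == password
  end
end

# auth_source is nil for accounts that use the local database.
LocalUser = Struct.new(:login, :auth_source, :local_password)

# Returns [result, reason]; reason names the branch that was taken.
def try_login(users, sources, login, password)
  user = users[login]
  if user.nil?
    # Unknown login: only sources with on-the-fly creation are consulted.
    src = sources.select(&:onthefly).find { |s| s.authenticate(login, password) }
    return [false, "no local user and no on-the-fly source accepted the login"] unless src
    users[login] = LocalUser.new(login, src, nil)
    return [true, "created on the fly from #{src.name}"]
  end
  if user.auth_source
    # Same switch as the check_password? branch quoted above.
    [user.auth_source.authenticate(login, password), "checked against #{user.auth_source.name}"]
  else
    # Plain comparison only for this model; a real deployment compares salted hashes.
    [user.local_password == password, "checked against local DB"]
  end
end
```

With on-the-fly creation off and no local user, `try_login` returns false while `bind_attempts` stays at 0, which matches the "Failed login" log entry with no packets on the wire.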
