OpenLDAP autentication faillure

pasto · 2007-06-12 20:08:00

hello.
My configuration ldap in GLPI external authentication is:
HostLDAP: 192.168.100.60
portLDAP: 389
basedn: dc=munimrg,dc=net
rootdn (for non anonymous binds): cn=root,dc=munimrg,dc=net
Pass(for non anonymous binds): ******
Connection filter:
Login Field: uid
Use TLS: no
Search type: in users
User attribute containing its groups:
Filter to search in groups:
Group attribute containing its users:
Surname: sn
Firstname: givenname
Location: physicaldeliveryofficename
E-Mail: mail
Phone: telephonenumber
Phone 2: homephone
Mobile: mobile

When I add an external user brings it well, but when I want to login itself as that user gives the following error me:

Several User not found or users found.
Invalid credentials
Several User not found or users found

I use ldap of that way for other applications and works well
I use GLPI version 0.68.3 and Open LDAP in Mandriva Linux 2007.1.
Please, Somebody can help me?

Pardon by my English.
Gracias!

wawa · 2007-06-12 22:55:12

hello
you should specify a filter. for example (objectclass=inetOrgPerson)

pasto · 2007-06-13 16:25:51

Thanks to respond. But it continues giving he himself error to me. As it is the syntax of filter to search in groups and as it is the syntax of the connection filter. Example (ldiff) of my tree:
Groups:
dn: cn=DEPOSITO,ou=Groups,dc=munimrg,dc=net
objectClass: posixGroup
objectClass: sambaGroupMapping
objectClass: top
cn: DEPOSITO
description: Deposito
displayName: Deposito
gidNumber: 1041
memberUid: mzalazar
sambaGroupType: 5
sambaSID: S-1-5-21-1795627355-82556819-1494262987-1041

Users:
dn: uid=Invitado,ou=Users,dc=munimrg,dc=net
objectClass: sambaSamAccount
objectClass: shadowAccount
objectClass: posixAccount
objectClass: inetOrgPerson
cn: invitado
description: Usuario Invitado
displayName: Usuario Invitado
gecos: Usuario Invitado
gidNumber: 514
givenName: Invitado
homeDirectory: /home/invitado
loginShell: /bin/bash
sambaAcctFlags: [XU ]
sambaDomainName: MUNIMRG
sambaHomeDrive: X:
sambaHomePath: \\COMPU2\invitado

thank you very much

wawa · 2007-06-13 16:38:02

hum...
login field : cn

the filter should be something like (objectclass=inetOrgPerson)

to search in the groups :
* search in groups
* filter to search in groups : (objectclass=posixGroup)
* Group attribute containing its users : memberUid
* use dn for search : no

pasto · 2007-06-13 18:11:22

I have not been able. I put like this indicated, but I could not. Where is the "use dn for search" option? I do not understand because I can add a user without problems with that configuration, but I cannot authenticate it.

My configuration ldap in GLPI external authentication is:
HostLDAP: 192.168.100.60
portLDAP: 389
basedn: dc=munimrg,dc=net
rootdn (for non anonymous binds): cn=root,dc=munimrg,dc=net
Pass(for non anonymous binds): ******
Connection filter: (objectclass=inetOrgPerson)
Login Field: cn
Use TLS: no
Search type: in groups
User attribute containing its groups:
Filter to search in groups: (objectclass=posixGroup)
Group attribute containing its users: memberUid
Surname: sn
Firstname: givenname
Location: physicaldeliveryofficename
E-Mail: mail
Phone: telephonenumber
Phone 2: homephone
Mobile: mobile

I proved to write memberUid and other objects in small letters, but it continues giving error.
Please… help me.
Thank you very much

Forum GLPI-Project

Announcement

#1 2007-06-12 20:08:00

OpenLDAP autentication faillure

#2 2007-06-12 22:55:12

Re: OpenLDAP autentication faillure

#3 2007-06-13 16:25:51

Re: OpenLDAP autentication faillure

#4 2007-06-13 16:38:02

Re: OpenLDAP autentication faillure

#5 2007-06-13 18:11:22

Re: OpenLDAP autentication faillure

Board footer