Logging loop with AD 2008

scharpf · 2011-10-19 22:19:49

Hello folks...
I'm struggling with a problem since i updated my GLPI to .80.4.
My conections tests with AD (windows 2008 server) are completed sucessfuly... but... when i try to login whith a user the login page keeps camming back with the message "try again".
anyone saw this before?
Thanks.

Last edited by scharpf (2011-10-19 22:21:40)

wawa · 2011-10-19 23:28:03

hello,
please post your LDAP configuration here

scharpf · 2011-10-20 16:43:19

my ldap configuration:

Server: ldap://sgr-sp-00X.sgr.net.br
Base DN: DC=sgr,DC=net,DC=br
Root DN: glpi-user@sgr.net.br
Connection Filter: (&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Login Field: samaccountname

Thanks a lot!...

wawa · 2011-10-20 18:29:08

scharpf wrote:

Root DN: glpi-user@sgr.net.br

it must be an LDAP DN

scharpf · 2011-10-20 20:09:45

My first configuration was with that
rootDN: CN=glpi-user,OU=Tecnologia Informática,OU=Usuarios,OU=SP,DC=sgr,DC=net,DC=br
But even that is not working.

wawa · 2011-10-20 21:01:45

Server: ldap://sgr-sp-00X.sgr.net.br => remove ldap:// (not needed, unless you use ldaps)

can you user connect to the directory using an ldap browser ? (for example adsiedit)

scharpf · 2011-10-21 18:20:22

Hi Wawa,

OK, "ldap://" removed... doesn't working yet!

Yes, I can connect with ADSI... even with my computer outside the network, disjoined from my domain...(giving the rigth user and password).

I also download a second ldap browser, named LDAPBROWSER from Softerra, and had the same results in and out domain. (no problems)

Still having "Unable to connect to LDAP directory" "login again" when on GLPI loguin page...

Last edited by scharpf (2011-10-21 19:26:23)

scharpf · 2011-10-21 19:25:13

The strange thing here is the test button, inside GLPI, with success results when pressed to connect on ldap.
O gosh.

I don't know if it helps but the loguin page returns always to "http://sgr-sp-10/glpi/index.php?noAUTO=1"

Last edited by scharpf (2011-10-21 19:32:06)

scharpf · 2011-10-24 21:34:39

Hello,
I can import and synchronize users from 2008 AD from GLPI...
But I still have problems to login...

If I enter an wrong user or password, the system is capable to identify that and returns the message I'm giving something wrong.
I'm thinking maybe this is a problem only on loguin.php... perhaps...
Is it possible?

I don't know what to do anymore. Any suggestions?

Thanks

Last edited by scharpf (2011-10-24 22:21:53)

scharpf · 2011-10-25 18:04:06

Hello folks...

I' installed a fresh server and the problem was solved... I Don't know what it was exactly, but all of my four servers updated to 80.4 had the same problem.

Next step will be import my database to this new server and see what happens...

Regards

Last edited by scharpf (2011-10-25 18:09:01)

scharpf · 2011-10-25 19:35:18

After database import, the login page doesn't work anymore...

How is it possible? The first thing coming in my mind now is the "glpi_users" table...

I remove an user from it and reimport... Works! this user can login... But lose historical associated assets and tickets.

To do not lose the historical associated tickets from each user, I try to synchronize one of them but this doesn't work... I must figure out how reimport or synchronize this table without losses.

Any suggestions?
Thanks.

scharpf · 2011-10-25 21:05:46

I figure out!..!

It was not a bug or a problem on update procedure...

after change the glpi version, i had to recreate the authentication method to a new one...

The secret was..., change the authentication method for all accounts.

I hope this help someone one day.

Regards.

storylove · 2011-11-26 11:54:18

It’s hard to find knowledgeable people on this topic, but you sound like you know what you’re talking about!

PomTom · 2011-12-20 19:56:21

I'm having exactly the same problem using OpenLDAP as authentication backend. My GLPI version is 0.80.5.

It used to work for some days after the initial installation. Now, I get this "Login again" message with every LDAP user. I don't know how to debug this since the way described at http://www.glpi-project.org/wiki/doku.p … nfig:debug doesn't work anymore (the corresponding MySQL tables don't exist).

Where exactly can I recreate or reconfigure the authentication method?

PomTom · 2011-12-20 20:03:08

Please ignore my post...someone obviously removed the php5-ldap package. Everything is working fine after reinstalling it :-)

Forum GLPI-Project

Announcement

#1 2011-10-19 22:19:49

Logging loop with AD 2008

#2 2011-10-19 23:28:03

Re: Logging loop with AD 2008

#3 2011-10-20 16:43:19

Re: Logging loop with AD 2008

#4 2011-10-20 18:29:08

Re: Logging loop with AD 2008

#5 2011-10-20 20:09:45

Re: Logging loop with AD 2008

#6 2011-10-20 21:01:45

Re: Logging loop with AD 2008

#7 2011-10-21 18:20:22

Re: Logging loop with AD 2008

#8 2011-10-21 19:25:13

Re: Logging loop with AD 2008

#9 2011-10-24 21:34:39

Re: Logging loop with AD 2008

#10 2011-10-25 18:04:06

Re: Logging loop with AD 2008

#11 2011-10-25 19:35:18

Re: Logging loop with AD 2008

#12 2011-10-25 21:05:46

Re: Logging loop with AD 2008

#13 2011-11-26 11:54:18

Re: Logging loop with AD 2008

#14 2011-12-20 19:56:21

Re: Logging loop with AD 2008

#15 2011-12-20 20:03:08

Re: Logging loop with AD 2008

Board footer