I'm using the latest and greatest GLPI version and am attempting to set up authentication using Windows Server 2003 LDAP. I have my LDAP user set up correctly, as I use it for 2 other programs already, but for some reason I can't get it to work with GLPI. Can someone please help me? Here are my external authentication settings. Thanks!
LDAP configuration
LDAP Host: server.domain.com
LDAP Port: 389
Basedn: DC=domain,DC=com
rootdn: CN=ldapuser,CN=users,DC=domain,DC=com
pass: *********
Connection Filter: (&(objectClass=user)(objectCategory=person))
Login Field: samaccountname
Use TLS: ldap_start_tls does not exist
Belonging to groups
Search type: In Users
User attribute containing its groups:
Filter to search in groups:
Group attribute containing its users:
GLPI/LDAP Links
Surname: sn
Firstname: givenname
Location: physicaldeliveryofficename
E-Mail: mail
Phone: telephonenumber
Phone 2:
Mobile:
Offline
I guess I should add that when I try to log in as user or user@domain.com I get the following message...
Invalid credentials
Invalid credentials
Invalid credentials
.
Log in again
Offline
I'm using GLPI 0.68.3.
Offline
I figured out the problem myself! The LDAP configuration I posted is correct however my many attempts at getting the correct configuration locked out my LDAP user account. After I unlocked the account it works perfectly!
Offline
ldap host : ldap:\\server.domain.com
and verify your rootdn.
Try with LDAP Browser to test your connection. If you succeed with LDAP Browser, you must succeed with GLPI.
Xavier Caillaud
Blog GLPI Infotel
Offline
Hi all,
LDAP configuration
LDAP Host: ldap://server.domain.com
LDAP Port: 389
Basedn: DC=domain,DC=com
rootdn: CN=glpiadmin,CN=Users,DC=domain,DC=com
pass: *********
Connection Filter: (&(objectClass=user)(objectCategory=person))
Login Field: glpiadmin
Use TLS: no
Belonging to groups
Search type: In Users
User attribute containing its groups:
Filter to search in groups:
Group attribute containing its users:
GLPI/LDAP Links
Surname:
Firstname: glpiadmin
Location:
E-Mail:
Phone:
Phone 2:
Mobile:
When I try to log on to GLPI using an AD user I get:
Can't Contact LDAP SERVER
Can't Contact LDAP SERVER
Can't Contact LDAP SERVER
.
Loging Again
I'm using GLPI 0.68.3 and my AD is Windows 2003.
I even tried the LDAP Browser and it's working perfectly....
Help
Offline
Login Field: glpiadmin -> samaccountname
Surname: sn
Firstname: firstname
Xavier Caillaud
Blog GLPI Infotel
Offline
Thanks for the reply.
I created a user called glpiadmin, and glpiadmin is also its samaccountname.
I left the surname field blank.
Firstname is also glpiadmin.
So, do I still have to change the fields as you asked me to?
Offline
And also,
on the "EXTERNAL SOURCES OF AUTHENTICATION" page I get
IMAP/POP configuration
Your parser PHP was compiled without the IMAP functions
Impossible to use IMAP/POP as external source of connection
Can this be the problem?
Offline
thanks for the reply
i created a user called glpiadmin and glpiadmin is also its samaccountname,
surname field i left blank
Firstname is also glpiadmin
so, do i still have to change the fields as you asked me to?
Yes, because you must write the attribute and not the value.
IMAP/POP is not the problem.
Try to change the fields. You can also try to test your AD connection with LDAP Browser.
Xavier Caillaud
Blog GLPI Infotel
Offline
Thanks.
I did change the field but the problem still remains.
I tested my AD connection with the LDAP Browser and it's working fine.
Offline
I was going through the help files and they said "In order to be able to use one of these modes of authentification, you first must activate the corresponding extensions in your PHP configuration."
Do I have to make some changes in the PHP configuration if I want to use AD auth?
Offline
If you can set up your AD auth in GLPI, then your extension is activated.
Can you come on the IRC channel #glpi on freenode.net? It would be easier.
Xavier Caillaud
Blog GLPI Infotel
Offline
Is there any way to check if the particular extension has been activated or not?
I tried coming on to freenode but as I have never used IRC I couldn't really make out how to do it. I downloaded X-Chat but I'm getting connection refused on freenode.
Offline
PLEASE MAKE THE FOLLOWING CHANGES AND REPOST YOUR CONFIGURATION IF STILL HAVING PROBLEMS (It makes it easier to view what changes you're making this way)....
First I will assume you have a correctly configured LDAP user for AD. Looking at your configuration here is what I see wrong according to my working install. Also one problem I had was I tried so many things to get this to work and it was actually contacting the AD server and I ended up locking out my LDAP user account which is why I was receiving an Incorrect login like you are seeing. So try these few things as I noticed you do have some config problems.
1) Change LDAP Host to server.domain.com (no ldap://)
2) Make sure your domain in AD is not in all caps, if it is you will need to change it in GLPI.
3) Your Login Field is incorrect. It should be samaccountname (This is what AD uses to query and is probably your main problem.)
4) I didn't use a Connection Filter. May work ok but I don't use it.
5) Use the following info for GLPI/LDAP Links:
Surname: sn
Firstname: givenname
Location: physicaldeliveryofficename
E-Mail: mail
Phone: telephonenumber
Phone 2:
Mobile:
Offline
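The checks this thread converges on, as an added example (not part of any post and not GLPI code): a small Python linter to run over the settings before the first login attempt, so a bad value is caught without spending bind attempts against the AD account lockout threshold. The dictionary keys are hypothetical names for the form fields, and both sample configurations are constructed from the values posted above.

```python
import re

# Shape of an LDAP attribute name (RFC 4512 descr): a letter, then letters/digits/hyphens.
ATTR_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")
MAPPED = ("login_field", "surname", "firstname", "location", "email", "phone")

def first_rdn_value(dn):
    """Value of the leftmost RDN ('glpiadmin' for 'CN=glpiadmin,CN=Users,...').
    Escaped commas inside the value are not handled."""
    m = re.match(r"\s*[^=,]+=([^,]+)", dn)
    return m.group(1).strip().lower() if m else ""

def lint_glpi_ldap(cfg):
    """Return (field, message) findings for a dict of GLPI LDAP form values.
    The dict keys are hypothetical names, not GLPI's internal ones."""
    findings = []
    host = cfg.get("host", "")
    if "://" in host or "\\" in host:
        findings.append(("host", "working config in the thread uses the bare host name"))
    account = first_rdn_value(cfg.get("rootdn", ""))
    for field in MAPPED:
        value = cfg.get(field, "").strip()
        if not value:
            continue  # blank mappings are allowed
        if not ATTR_RE.match(value):
            findings.append((field, "not a valid LDAP attribute name"))
        elif value.lower() == account:
            findings.append((field, "holds the account's name; enter the attribute name"))
    if not cfg.get("use_tls") and str(cfg.get("port")) == "389":
        findings.append(("use_tls", "simple bind sends the password in cleartext"))
    return findings

# Constructed from the two configurations posted in the thread.
WORKING = {"host": "server.domain.com", "port": 389, "use_tls": False,
           "rootdn": "CN=ldapuser,CN=users,DC=domain,DC=com",
           "login_field": "samaccountname", "surname": "sn",
           "firstname": "givenname", "location": "physicaldeliveryofficename",
           "email": "mail", "phone": "telephonenumber"}
FAILING = {"host": "ldap://server.domain.com", "port": 389, "use_tls": False,
           "rootdn": "CN=glpiadmin,CN=Users,DC=domain,DC=com",
           "login_field": "glpiadmin", "firstname": "glpiadmin"}

if __name__ == "__main__":
    for name, cfg in (("working", WORKING), ("failing", FAILING)):
        for field, message in lint_glpi_ldap(cfg):
            print(f"{name}: {field}: {message}")
```

The `use_tls` finding is reported for both configurations because each binds on port 389 without StartTLS; it is a transport warning, not a cause of the login failures discussed here.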