#355 Problem with Active Directory Authentication

open
nobody
1
2013-06-11
2013-06-10
Jonas Ferreira
No

Hi everyone,

I have problem with my mbrs instalation, if i use default authentication operates normally, but if i use ldap authentication to my Active Directory is not work.

Sorry my bad english, i'm Brazilian.

The version of mrbs is 1.4.9
OS Fedora 17 i386
PHP version: 5.4
I already install modules PHP ldap and php pear

My configuration is:

$auth["type"] = "ldap";
$ldap_host = "10.20.0.11";
$ldap_port = 389;
$ldap_v3 = true;
$ldap_tls = false;
$ldap_base_dn = "ou=Users,dc=roullier,dc=com,dc=br";
$ldap_user_attrib = "uid";
$ldap_dn_search_attrib = "sAMAccountName";
$ldap_dn_search_dn = "Administrator,ou=Users,dc=roullier,dc=com,dc=br";
$ldap_dn_search_password = "*";

Discussion

  • Jonas Ferreira
    Jonas Ferreira
    2013-06-10

    If need more information, my error_log:

    [Mon Jun 10 14:06:46 2013] [error] [client 127.0.0.1] PHP Warning: Invalid argument supplied for foreach() in /var/www/html/mrbs/web/auth/auth_ldap.inc on line 121, referer: http://localhost/mrbs/web/admin.php

    I already see my wrong config:
    $ldap_dn_search_dn = "Administrator,ou=Users,dc=roullier,dc=com,dc=br";
    I change to:
    $ldap_dn_search_dn = "cn=Administrator,ou=Users,dc=roullier,dc=com,dc=br";

    But not have sucess.

     

  • Anonymous
    2013-06-10

    You need this commit from SVN, which was added after the last release of MRBS:

    Index: auth_ldap.inc
    ===================================================================
    --- auth_ldap.inc       (revision 2248)
    +++ auth_ldap.inc       (revision 2249)
    @@ -102,6 +102,10 @@
       }
    
       // Turn any non-array config items into arrays in $all_ldap_opts
    +  if (!isset($count))
    +  {
    +    $count = 1;
    +  }
       foreach ($config_items as $item)
       {
         if (!isset($$item))
    
     
    Last edit: John Beranek 2013-06-10

  • Anonymous
    2013-06-11

    Sorry but i not have much knowledge with svn, please tell me how i did this steps.

    I have read header of files and my revision is 2312.
    To perform a test i have create a new instalation on my apache with a new directory, but i have same problem with authentication.

    I have use this command to download a new installation:
    svn co svn://svn.code.sf.net/p/mrbs/code/mrbs/trunk new

     
    Last edit: Jonas Ferreira 2013-06-11
  • Jonas Ferreira
    Jonas Ferreira
    2013-06-11

    Hello again,

    I changed the wrong file.
    I made change systemdefaults.inc.php, and correct is config.inc.php

    Now i have modified my configuration, i have other error on error_log
    $ldap_host = "10.20.0.11";
    $ldap_port = 389;
    $ldap_v3 = true;
    $ldap_tls = false;
    $ldap_base_dn = "dc=domain,dc=com,dc=br";
    $ldap_user_attrib = "uid";
    $ldap_dn_search_attrib = "sAMAccountName";
    $ldap_dn_search_dn = "cn=administrator,ou=users,dc=domain,dc=com,dc=br";
    $ldap_dn_search_password = "password";
    $ldap_get_user_email = false;
    $ldap_email_attrib = 'mail';
    $ldap_group_member_attrib = 'memberof';
    $ldap_unbind_between_attempts = false;
    $ldap_debug = true;

    Error_log:
    [Tue Jun 11 15:53:32 2013] [error] [client 127.0.0.1] authLdapAction: Got LDAP connection, referer: http://localhost/mrbs/web/admin.php
    [Tue Jun 11 15:53:32 2013] [error] [client 127.0.0.1] authLdapAction: Result of initial bind is , referer: http://localhost/mrbs/web/admin.php
    [Tue Jun 11 15:53:32 2013] [error] [client 127.0.0.1] authValidateUserCallback: base_dn 'dc=roullier,dc=com,dc=br' dn '' user 'jonas.ferreira', referer: http://localhost/mrbs/web/admin.php
    [Tue Jun 11 15:53:32 2013] [error] [client 127.0.0.1] authValidateUserCallback: Bind to '' failed, referer: http://localhost/mrbs/web/admin.php

    Any suggestion?

     
    Last edit: Jonas Ferreira 2013-06-11


Anonymous


Cancel   Add attachments