#530 LDAP settings

[ncci_infra]

my system is windows
Any setup LDAP on the test network
As long as LDAP is set, the local account cannot be logged in
My settings are below
How to set up LDAP please?

$auth["session"]="php";

$auth["type"]="ldap";

$cookie_path_override='';

$auth["realm"]="mrbs";

$auth["admin"][]="administrator";

$ldap_host="192.168.1.1";

$ldap_port=389;

$ldap_v3=true;

$ldap_tls=false;

$ldap_base_dn[]="DC=abc,DC=com,DC=tw";

$ldap_base_dn[]="cn=Users,DC=abc,DC=com,DC=tw";

$ldap_user_attrib="CN";

$ldap_dn_serarch_attrib="sAMAccountName";

$ldap_debug=true;

$ladp_dn_search_dn="CN=Administrator,CN=Users,DC=abc,DC=com,DC=tw";

$ldap_dn_search_password="XXXX";

[Campbell Morrison]

As long as LDAP is set, the local account cannot be logged in

Can you explain some more what you mean by "the local account" please? Do you mean the account you set up in the config file with a username and password? If so, then no, that won't work: you can either have LDAP authentication or config authentication, but not both.

[ncci_infra]

Yes, it is the username and password configured in the file
I'm only now learning that you can't have both
But when I enter the AD account, the error is displayed, the account password is wrong
I want to see the LOG, but what path is the LOG placed in?

[Campbell Morrison]

The debug output goes to your PHP error log.

[ncci_infra]

I would like to ask you guys, is there something wrong with my configuration above?

[Campbell Morrison]

I don't know. But the easiest way of finding the problem is to look at the debug output.

[Campbell Morrison]

One thing that looks unusual is

$ldap_user_attrib="CN";

It would be more usual to have

$ldap_user_attrib="sAMAccountName";

[ncci_infra]

Been testing for a long time and still looking for bugs

[pid 5060:tid 1912] [client 10.1.2.45:58491] [MRBS DEBUG] MRBS\\Auth\\AuthLdap::validateUserCallback(310): bind to 'cn=***@***,cn=users, DC=com,DC=tw' failed: Invalid credentials [80090308: LdapErr: DSID-0C090439, comment

[Campbell Morrison]

The bind is failing because you have the wrong username/password combination. What have you got $ldap_user_attrib set to?

[Anonymous]

sAMAccountName

[Campbell Morrison]

And are you logging in with the sAMAccountName and password for that user?

[Anonymous]

I am using the password of administrator

[Campbell Morrison]

The password set in your AD? And are you using the sAMAccountName from the AD?

[Anonymous]

I just use the domain administrator account directly

[Campbell Morrison]

What happens when you try and login as another user?

[ncci_infra]

Error message: Incorrect user or password

[Campbell Morrison]

What does the debug output say?

[ncci_infra]

Parse error: syntax error, unexpected variable "$cookie_path_override" in C:\xampp\htdocs\mrbs\web\config.inc.php on line 82

When the setting is completed, it appears on the web page, and it has been checked for a long time and cannot be solved.
would like to ask for help

[Campbell Morrison]

You've probably made a typo, for example a missing semicolon, in your config file in the lines before line 82.

[ncci_infra]

Line 82 of the system, I did type
$auth["type"] = "ldap";

[Campbell Morrison]

That looks OK, but there's probably a problem somewhere else.

[Campbell Morrison]

Are you sure that you have uploaded the correct config file? If line 82 really is $auth["type"] = "ldap"; then I wouldn't expect to get the error "Parse error: syntax error, unexpected variable "$cookie_path_override" in C:\xampp\htdocs\mrbs\web\config.inc.php on line 82".

[ncci_infra]

yes no errors
But I use POP authentication instead