"Bind to... failed" on auth_ldap to MS AD
Brought to you by:
jberanek
Hi all,
I'm trying to configure MRBS to authenticate against a Windows 2003 Server Active Directory via LDAP auth, I think connection establish well, bit when tries to bind to the user, it fails, and I don't understand why.
The error trace is:
[Mon May 30 14:06:08.140257 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authLdapAction: Got LDAP connection, referer: https://myorg/admin.php [Mon May 30 14:06:08.142357 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authLdapAction: Result of initial bind is 1, referer: https://myorg/admin.php [Mon May 30 14:06:08.143361 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authLdapAction: Found one entry using 'sAMAccountName', referer: https://myorg/admin.php [Mon May 30 14:06:08.143798 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authLdapAction: base_dn 'DC=domain,DC=com' user fulano dn CN=Fulano,OU=Sistemas,OU=Informatica,DC=domain,DC=com, referer: https://myorg/admin.php [Mon May 30 14:06:08.143897 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authValidateUserCallback: base_dn 'DC=domain,DC=com' dn 'CN=Fulano,OU=Sistemas,OU=Informatica,DC=domain,DC=com' user 'fulano', referer: https://myorg/admin.php [Mon May 30 14:06:08.144373 2016] [:error] [pid 18585] [client 127.0.0.1:41113] authValidateUserCallback: Bind to 'CN=Fulano,OU=Sistemas,OU=Informatica,DC=domain,DC=com' failed, referer: https://myorg/admin.php
I've tested that the user credentials are OK, as it can login to a PC in the domain.
My actual config is:
$auth["type"] = "ldap"; $ldap_host = "myhost_ip"; $ldap_port = 389; $ldap_v3 = true; $ldap_debug = true; $ldap_dn_user_attrib = "sAMAccountName"; $ldap_dn_search_attrib = "sAMAccountName"; $ldap_dn_search_dn = "cn=Administrador,cn=Users,DC=domain,DC=com"; $ldap_dn_search_password = "crupt_password"; $ldap_base_dn = "DC=domain,DC=com"; $ldap_disable_referrals = TRUE; $ldap_get_user_email = TRUE; $ldap_email_attrib = 'mail'; $ldap_group_member_attrib = 'memberof'; $ldap_unbind_between_attempts = false;
I'm using the latest release of MRBS.
Any ideas?
View and moderate all "support-requests Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Support Requests"
I think the problem may come from this lines:
$ldap_dn_search_dn = "cn=Administrador,cn=Users,DC=domain,DC=com";
$ldap_dn_search_password = "crupt_password";
Please double check the username and password carefully.
https://sourceforge.net/p/mrbs/support-requests/1143/
Try this if it can fix your problem.