Comments (7)
Kipjr
commented on August 23, 2024
Can you use LDP.exe (installed on DC, or manually downloaded) to check the correct filter. I also need the log file, especially the line of the filter
from ldap_login.
janebi98
commented on August 23, 2024
I tested my base DN with LDP.exe and it works.
Which filter should I test exactly?
User Object Filter and Group Object Filter are currently not filled out. (Default AD values)
Here is my log (ldap_login.log)
[2023:11:23 10:40:313553] DEBUG: New LDAP Instance
[2023:11:23 10:40:313786] DEBUG: [function]> ldap_conn
[2023:11:23 10:40:313868] DEBUG: [function]> make_ldap_conn
[2023:11:23 10:40:313942] DEBUG: [make_ldap_conn]> ld_port is 389. Connecting using default protocol
[2023:11:23 10:40:314074] DEBUG: [make_ldap_conn]> connected (LDAP_OPT_PROTOCOL_VERSION 3)
[2023:11:23 10:40:314147] DEBUG: [ldap_conn]> true
[2023:11:23 10:40:314213] DEBUG: [function]> Ldap_Login Test
[2023:11:23 10:40:314282] DEBUG: [function]> ldap_search_dn
[2023:11:23 10:40:314350] DEBUG: [function]> ldap_search_dn(lname)
[2023:11:23 10:40:314419] DEBUG: [ldap_search_dn]> Connecting to server
[2023:11:23 10:40:314486] DEBUG: [ldap_search_dn]> make_ldap_bind_as($this->cnx,CN=Piwigo,OU=Systembenutzer,OU=_Benutzer,DC=EXAMPLE,DC=local ,$this->config['ld_bindpw']
[2023:11:23 10:40:314593] DEBUG: [function]> make_ldap_bind_as
[2023:11:23 10:40:314659] DEBUG: [make_ldap_bind_as]> $conn,CN=Piwigo,OU=Systembenutzer,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:317650] DEBUG: [make_ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:317771] DEBUG: [ldap_search_dn]> @ldap_search($this->cnx,DC=EXAMPLE,DC=local,(&(&(objectClass=person)(sAMAccountname=lname))(cn=*)),array('dn'),0,1)
[2023:11:23 10:40:318663] DEBUG: [ldap_search_dn]> ldap_search successfull
[2023:11:23 10:40:318780] DEBUG: [ldap_search_dn]> RESULT: CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:318861] DEBUG: [function]> check_ldap
[2023:11:23 10:40:318927] DEBUG: [function]> ldap_conn
[2023:11:23 10:40:318991] DEBUG: [function]> make_ldap_conn
[2023:11:23 10:40:319060] DEBUG: [make_ldap_conn]> ld_port is 389. Connecting using default protocol
[2023:11:23 10:40:319195] DEBUG: [make_ldap_conn]> connected (LDAP_OPT_PROTOCOL_VERSION 3)
[2023:11:23 10:40:319478] DEBUG: [ldap_conn]> true
[2023:11:23 10:40:319623] DEBUG: [function]> ldap_bind_as
[2023:11:23 10:40:319698] DEBUG: [ldap_bind_as]> CN=Piwigo,OU=Systembenutzer,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:319772] DEBUG: [function]> make_ldap_bind_as
[2023:11:23 10:40:319842] DEBUG: [make_ldap_bind_as]> $conn,CN=Piwigo,OU=Systembenutzer,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:323031] DEBUG: [make_ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:323211] DEBUG: [ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:323289] DEBUG: [function]> ldap_bind_as
[2023:11:23 10:40:323357] DEBUG: [ldap_bind_as]> CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:323427] DEBUG: [function]> make_ldap_bind_as
[2023:11:23 10:40:323493] DEBUG: [make_ldap_bind_as]> $conn,CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:328436] DEBUG: [make_ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:328680] DEBUG: [ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:328757] DEBUG: [function]> check_ldap_group_membership
[2023:11:23 10:40:328871] DEBUG: [function]> make_ldap_bind_as
[2023:11:23 10:40:328941] DEBUG: [make_ldap_bind_as]> $conn,CN=Piwigo,OU=Systembenutzer,OU=_Benutzer,DC=EXAMPLE,DC=local
[2023:11:23 10:40:330551] DEBUG: [make_ldap_bind_as]> Bind was successfull
[2023:11:23 10:40:330695] DEBUG: [check_ldap_group_membership]> @ldap_search($this->cnx,'DC=EXAMPLE,DC=local', '(&(objectclass=group)(cn=Piwigo_User)(member=CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local)(cn=*))','member') for Piwigo_User
[2023:11:23 10:40:330848] DEBUG: [function]> getErrorString
[2023:11:23 10:40:330929] DEBUG: [getErrorString]> Bad search filter
[2023:11:23 10:40:330998] DEBUG: [check_ldap_group_membership]> ldap_search NOT successful: Bad search filter
from ldap_login.
Kipjr
commented on August 23, 2024
(&
(objectclass=group)
(cn=Piwigo_User)
(member=CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local)
(cn=*)
)
This seems OK. In LDP.exe can you do search and as filter add (&(objectclass=group)(cn=Piwigo_User)(member=CN=Lname\, Jan,OU=Testbenutzer,OU=Windows,OU=PC-Laptop User,OU=_Benutzer,DC=EXAMPLE,DC=local)(cn=*))
from ldap_login.
janebi98
commented on August 23, 2024
Okay, it works.
But is it right, that these fields are emty?
from ldap_login.
Kipjr
commented on August 23, 2024
$search_filter = "(&(objectclass=$group_class)(cn=$group_cn)($member_attr=$user_dn)($group_filter))";
The cause might be related to your comma "," which is being escaped by ""
https://stackoverflow.com/questions/39794550/how-should-i-escape-ldap-special-characters
possible solution:
pingidentity/ldapsdk#10 (comment)
from ldap_login.
janebi98
commented on August 23, 2024
Okay, but is it right that user object and group object filter are emty? (see my screenshot)
from ldap_login.
Kipjr
commented on August 23, 2024
Yes, as it is covered in this line:
from ldap_login.
Related Issues (20)
- Create automatic build tests HOT 1
- Paths not found HOT 6
- Settings not updating HOT 1
- Newest version not available from plugin website HOT 1
- ldap_login Version: 13.6.0 - PHP 7 compatibility HOT 2
- Bug: Trying to access array offset on value of type null HOT 1
- Bug: Deprecated : strlen(): Passing null Error HOT 1
- Error : Can't contact LDAP server for binding on server ldaps://192.168.200.20:389 for user piwigo, check your binding! HOT 3
- Question: can we manage User Groups through LDAP? HOT 1
- Fail to login with Android App and Digikam HOT 2
- "Error 502 Bad Gateway" when authenticating with LDAP in Piwigo 13.8 HOT 10
- LDAP plugin showing 'and error occured' HOT 3
- check_ldap_group_membership whith openldap result in bad filter for memberUid HOT 2
- Question: What happens when users change their passwords in Piwigo? HOT 2
- Trying to mark Sync Users in Group Management gives fatal error HOT 4
- Message when active Ldap login HOT 2
- error debug ldap_login HOT 1
- unable to active the plugin in Piwigo 14.4.0 HOT 1
- Passwords: Extend support for special characters or provide documentation of supported special characters HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ldap_login.