Git Product home page Git Product logo

Comments (10)

tchapi avatar tchapi commented on September 22, 2024

Hi

I'm no LDAP expert, but I know that DN patterns must be precisely crafted for it to work on ldap_bind. See this comment here — could that be it?

When you talk about ldap-base, you talk about a PHP package or a Linux package?

from davis.

thelittleblackbird avatar thelittleblackbird commented on September 22, 2024

hi all,
how can i add the bind parameters? in my ldap configuration i have disabled the anonymous checks for security reasons but now the user query always fails.

I am using the docker version by the way
regards

from davis.

tchapi avatar tchapi commented on September 22, 2024

Hello @thelittleblackbird

You can specify params in the LDAP_* env params (see here) — does that answer your question?

from davis.

thelittleblackbird avatar thelittleblackbird commented on September 22, 2024

Hi,
sorry but this is not enough. I need some params to make a bind connection with a password. I dont see any other env not even in the code to create such connection.

I need to specify the bind connection string and a password.

I am afraid that with those variables i am only able to do an anonymous search, that in my case is not enough :(

from davis.

markush97 avatar markush97 commented on September 22, 2024

I would really like to debug this. But I cannot find any logs. Neither in /var/log/* nor in /var/www/davis/var/log*.

Is there a way to increase verbosity? Or where are the php logs being stored to?

from davis.

tchapi avatar tchapi commented on September 22, 2024

I need some params to make a bind connection with a password. I dont see any other env not even in the code to create such connection.

Having some kind of raw PHP script that you use (and that succeeds in connecting), using the standard php ldap lib, could help me understand what I need to change in the implementation. Would that be possible?

Neither in /var/log/* nor in /var/www/davis/var/log*.

If you run a server locally you get all the logs in the console directly. In the container, you get all the logs in /var/www/davis/var/log/prod.log, but only if you have an error (it's the fingers_crossed filter, explained here)

from davis.

thelittleblackbird avatar thelittleblackbird commented on September 22, 2024

hi all,

i checked it again and I saw this code in the src/Services/LDAPAuth.php

    try {
        $bind = ldap_bind($ldap, $dn, $password);
        if ($bind) {
            $success = true;
        }
    } catch (\ErrorException $e) {
        error_log($e->getMessage());
        error_log('LDAP Error: '.ldap_error($ldap).' ('.ldap_errno($ldap).')');
    }

This is the snippet of code necessary to launch a bind connection. but dont know how to pass the password to that function.
the other two parameters can be mapped to LDAP_AUTH_URL and LDAP_DN_PATTERN respectively.

so the point is that if i set the $dn to domain name pointing to an user with password (not anonymous connection) then i can not pass the password and therefore the connection fails.

right now with just a variable in the .env for setting the password would be enough (think so)

PS: mi think i said that i couldnt locate the code in charge of the function, but here it is. so clearlyi need to sleep more.

regards

from davis.

tchapi avatar tchapi commented on September 22, 2024

but dont know how to pass the password to that function.

I don't really understand: the password is the one provided by the user when accessing a resource. If you try in the browser, you will be prompted with an auth dialog box in which you can enter username and password. These are then passed to the validateUserPass function of the LDAPAuth service, which in turns calls the ldapOpen method.

from davis.

thelittleblackbird avatar thelittleblackbird commented on September 22, 2024

hi all,

I spent a bit more time investigating this problem i found that mistake was in my side.

it is working and i am able to sync several profiles counts. So I was totally mistaken.

I have found a problem with the integration with thunderbird and samsung calendar. But this is a totally new history

regards and thanks

from davis.

tchapi avatar tchapi commented on September 22, 2024

Hi @thelittleblackbird

Glad you had it working ✨

I have found a problem with the integration with thunderbird and samsung calendar

Don't hesitate to open new issues with this if you can, I'll do my best to debug / fix

from davis.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.