jsuto / piler / issues / #1175 - LDAP Activation — Bitbucket

Issue #1175 resolved

Lo Sciame created an issue 2021-05-19

Goodmorning, i have recently activate an istance of Piler, all work great! but i had a little problem a have a lot of user like 100 an di would like to activate the LDAP.

I have edited the config-site.php on /usr/local/etc/piler adding:

\$config['ENABLE_LDAP_AUTH'] = 1;

But on the GUI the label LDAP under Administration doesn’t appear and i can’t input the data for the connection, i try to input manually the data into the config-site file but nothing.

i’am do something wrong?

i’m using the lastest version avalaible 1.3.11 build 1001 all the dependencies are installed like php-ldap

Thanks in advice for the time and the help

Best Regards

Marco

Comments (7)

Lo Sciame reporter
- edited description
- 2021-05-19T13:30:29+00:00

Janos SUTO repo owner

Normally the ldap menu doesn’t appear unless you set ENABLE_SAAS=1 in config-site.php. Note that I don’t develop this feature any longer in favour of the commercial edition of piler.

However, the ldap authentication is still possible. I have the following setup for my test host in config-site.php:

$config['ENABLE_LDAP_AUTH'] = 1;
$config['LDAP_HOST'] = 'ldaps://ldap.aaa.fu:636';
$config['LDAP_HELPER_DN'] = 'CN=Piler,CN=Users,DC=aaa,DC=fu';
$config['LDAP_HELPER_PASSWORD'] = '********';
$config['LDAP_MAIL_ATTR'] = 'mail';
$config['LDAP_BASE_DN'] = 'CN=Users,DC=aaa,DC=fu';
$config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user';
$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'group';
$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'member';

‌

Note that the backslash should not be before $config[….] as you wrote.

2021-05-20T10:31:53+00:00

Lo Sciame reporter
Hi thanks for the reply and thanks for the tips.

for the backslash you see i try to edit the post but it leave it, is my bad, typing error

i try it.

Thanks again
- 2021-05-20T10:36:55+00:00
Lo Sciame reporter
Ok, i added the LDAP configuration via GUI and the Test goes on OK.

i create the domain adding the LDAP configuration to it, but when i try to connect with AD user, FAILED

on the mail.log there’s no other information about the login failed, i see only this string:

May 20 11:20:40 piler piler-webui[1107]: ldap auth result against 192.168.1.12 / AD: 0

there’s any way to debug the process for understand why login is failed?

i also added on /etc/ldap/ldap.conf this value TLS_REQCERT never

as i see on the documentation

‌

thanks again in advice
- 2021-05-20T11:25:34+00:00
Janos SUTO repo owner
I assume then you turned on ENABLE_SAAS. I suggest to turn it off, and write the ldap config to config-site.php as I showed.

Also set $config['LOG_LEVEL']=DEBUG; to see more in mail.log
- 2021-05-20T11:36:34+00:00
Lo Sciame reporter
work like a charm, you made an awesome work.

GOOD WORK

‌

‌
- 2021-05-20T15:54:26+00:00
Lo Sciame reporter
- changed status to resolved
- 2021-05-20T15:54:47+00:00
Log in to comment

Assignee: –

Type: bug

Priority: minor

Status: resolved

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!