jsuto / piler / issues / #131 - Authenticating through AD — Bitbucket

Issue #131 resolved

Hung Huynh created an issue 2013-08-23

we downloaded the virtualbox and configure the config-site.php file as instructed. We have the site running and able to log in as the local admin account. but when we enable ldap authentication, we get a server error code 500. we can't even sign in as the local admin account. see attachment for our ldap config.

thanks,

Capture.PNG

Comments (16)

Janos SUTO repo owner
Do you have the php ldap package installed? If not, then please execute apt-get update, then apt-get install php5-ldap, then restart the webserver.

Btw. it's now a bit older release, I'll make a vmware version (ova file) available next week.
- 2013-08-23T21:44:12+00:00
Hung Huynh reporter
thanks! Now after the update and reboot, i can sign in as admin@local but still can't sign in using an AD account. says invalid email and password.
- 2013-08-23T22:03:27+00:00
Janos SUTO repo owner
- is there anything in the maillog file regarding the login?
I take that LDAP_HELPER_DN is a correct LDAP DN (please verify in the ADSI Edit utility). A helper account is required for ldap based login to work.
- 2013-08-23T22:12:27+00:00
Hung Huynh reporter
yes, the ldap helper account is correct. i've even use the built-in AD admin account but had no luck. should i be using ldap_sync.php? i read on one issue, you said not to use ldap_sync.

p.s. this is what's happening in maillog.

19 Aug 23 20:19:44 piler piler-webui[882]: sphinx query: 'SELECT id FROM main1 WHERE MATCH('@to **X**** Xorg') ORDER BY sent DESC LIMIT 0,1000 OPTION max_matches=1000' in 0.00 s, 0 hits
- 2013-08-23T22:36:38+00:00
Janos SUTO repo owner
Please edit model/user/auth.php, search for private function checkLoginAgainstLDAP(), and make sure it has

if(isset($query->row['dn']) && $query->row['dn']) {

and not only

if(isset($query->row)) {

I think it will do the trick
- 2013-08-23T23:24:44+00:00
Hung Huynh reporter
I did as you instructed, no luck.
- 2013-08-23T23:40:01+00:00
Janos SUTO repo owner
How about if I make an OVA file for you tomorrow with the latest possible build?
- 2013-08-23T23:42:34+00:00
Hung Huynh reporter
that would be great. thank you for your help!
- 2013-08-23T23:43:14+00:00
Janos SUTO repo owner
The ova is ready, please check http://www.mailpiler.org/download/piler-master-branch-2013-08-24.ova

If you experience problem, then reopen this issue.
- 2013-08-26T12:23:56+00:00
Janos SUTO repo owner
- changed status to resolved
- 2013-08-26T12:24:02+00:00
Hung Huynh reporter
- changed status to open
LDAP isn't working still. here is what i did...
1. download and load the ova file you provided.
2. update the resolv.conf file to search our domain and change the ip for the nameserver (dns).
3. update the hosts file to the ip of piler server and update the dns name
4. change the interfaces to match the ip of step #3
5. update timezone
6. change all the config as instructed for the config-site.php
7. update server_name in piler.conf to match the server name of config-site.php
8. add the ldap authentication to the config-ste.php (see original screenshot)
let me know if i am doing something wrong. thanks.
- 2013-08-26T17:45:17+00:00
Hung Huynh reporter
looking through the mail.log file now, it is saying

"ldap query, base dn='', filter='(&(objectClass=user) (mail=xxxx@xxxxx.org))', attr='', 0 hits"
- 2013-08-26T19:57:15+00:00
Hung Huynh reporter
got it. issue close
- 2013-08-26T20:20:20+00:00
Hung Huynh reporter
- changed status to resolved
- 2013-08-26T20:20:26+00:00
Janos SUTO repo owner
was it the base dn?
- 2013-08-26T20:33:55+00:00
Hung Huynh reporter
yup. a typo on the base dn line.

thanks for all your help
- 2013-08-26T20:35:14+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: resolved

Votes: 0

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!