1. Janos SUTO Avatar Janos SUTO
  2. Piler
  3. piler
  4. Issues

LDAP authentication against Windows AD

Issue #214 resolved
Ronald Top created an issue

Hi Janos,

I tried to enable ldap auth against my Windows AD. This is what I've put in the config.php: $config['ENABLE_LDAP_AUTH'] = 1; $config['LDAP_HOST'] = 'sys-dc05.shared.local'; $config['LDAP_HELPER_DN'] = 'cn=SYS-PILER-HELPER,ou=Users,ou=SYS,dc=shared,dc=local'; $config['LDAP_HELPER_PASSWORD'] = 'SYS-PILER-HELPER'; $config['LDAP_MAIL_ATTR'] = 'mail'; $config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user'; $config['LDAP_BASE_DN'] = 'ou=hosted,dc=shared,dc=local';

However, after I put my credentials in the login form, I get an empty page from login.php. Am I missing something??

Thanks! Ronald

Comments (5)

  2. Ronald Top reporter

    Hi Janos,

    I installed the package, however, no matter what I type as user and pass (valid and invalid) after hitting ‘submit’, I see that the url changes to ‘http://sys-piler01.shared.local/search.php’ but I see still the login form (please see attachment). I use google chrome to access piler.

    Do you know where ldap stuff is logged? And if my config.php is allright (objectclass etc) (note that the last two lines are commented out)?

    It’s like below:

    $config['ENABLE_LDAP_AUTH'] = 1; //enable $config['LDAP_HOST'] = 'sys-dc05.shared.local'; // my dc $config['LDAP_HELPER_DN'] = 'cn=SYS-PILER-HELPER,ou=Users,ou=SYS,dc=shared,dc=local'; //dsn of my helper $config['LDAP_HELPER_PASSWORD'] = 'SYS-PILER-HELPER'; // it’s password $config['LDAP_MAIL_ATTR'] = 'mail'; // mail attribute of the logged on user $config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user'; //objectclass $config['LDAP_BASE_DN'] = 'ou=hosted,dc=shared,dc=local'; //base DN, all users are in sub ou’s underneath this one //$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'zimbraDistributionList'; //commented out //$config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'zimbraMailForwardingAddress'; //commented out

    Thanks! Ronald

  3. Janos SUTO repo owner

    Hello Ronald,

    The login related ldap stuff also goes to /var/log/mail.log. In general look for "piler-webui" to get the syslog messages the gui creates. Please check that the helper account can actually connect to the AD server, and show me the syslog entries related to the login. You may send them to my email address, see "piler -V"

  6. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Votes
0
Watchers
2
Jira: the preferred issue tracker for Bitbucket. Join the team!