Hi at all,
I've a problem with ldap authentication, I've follow documentation and search in auth issue, but I cannot find solution.
I get this error when test LDAP server configuration
Result Messages
Binding with DN for non-anonymous search (cn=public-ldap,ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc). Using password entered in form.
Binding with DN for non-anonymous search (cn=public-ldap,ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc). Using password entered in form.
Failed to bind to server. ldap error #49 Invalid credentials
this is my ldap server configuration:
Server Properties
sid = garda1pdc
name = garda1pdc
status = 1
ldap_type = ad
address = 192.168.21.1
port = 389
tls = 0
bind_method = 1
basedn = Array ( )
binddn = cn=public-ldap,ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc
user_dn_expression =
user_attr = sAMAccountName
mail_attr = mail
mail_template =
unique_persistent_attr = objectsid
allow_conflicting_drupal_accts = 0
ldap_to_drupal_user =
testing_drupal_username = public-ldap
group_object_category =
search_pagination = 0
search_page_size = 1000
thanks for help
Comment | File | Size | Author |
---|---|---|---|
#17 | Result Message.png | 14.54 KB | Shaynes |
#17 | Configure Drupal.png | 28.02 KB | Shaynes |
#4 | ldap_configuration.JPG | 34.48 KB | erasmo83 |
Comments
Comment #1
johnbarclay CreditAttribution: johnbarclay commentedI would do the following:
- to make sure the credentials are correct and the binding is not restricted to a certain ip address: install an ldap client on the server such as apache's ldap client and try to bind with those credentials. This can also be done with a couple lines of php if you are a coder.
- if you are using option #4 for the binding method, try 7.x-1.x-dev as a patch was recently committed for this.
Comment #2
erasmo83 CreditAttribution: erasmo83 commentedThanks for reply
I try with this lines of code:
and I logged in!
In LDAP Server configuration --> BINDING METHOD, I use "Service Account Bind."
Comment #3
ywarnier CreditAttribution: ywarnier commentedMaybe it doesn't help at all, but in my case the credentials were correct but the basedn was incorrect. I had it working in a Drupal 6 install and it failed with the exact same config in Drupal 7.
The old basedn config was:
which, again, worked in D6.
I then tried connecting to my LDAP server with a small command-line tool (shelldap) and the DN=users was nowhere to be found (but OU=Usuarios was there), so I decided to remove that line completely.
From then, it started working.
The only plausible explanation I found is that in D6 it uses the last line of a multiple-line basedn while in D7 it uses all of them or just the first one (for the connection, that is).
In your case you don't have two lines, but maybe updating your basedn a little would fix it?
Comment #4
erasmo83 CreditAttribution: erasmo83 commentedThank's for your reply, I've try to change in "SERVICE ACCOUNT BINDING CREDENTIALS" --> "DN for non-anonymous search"
From:
cn=public-ldap,ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc
to:
ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc
but I get always the same error: "Failed to bind to server. ldap error #49 Invalid credentials"
in attached my current configuration
Comment #5
erasmo83 CreditAttribution: erasmo83 commentedSorry, I think I made a mistake,
I've made test with ldap test tool
I've invert the Organization Unit (though in my domain controller the groups are Garda1UserTS -->service accounts)
my new ldap configuration is:
binddn = cn=public-ldap,ou=service accounts,ou=Garda1UserTS,dc=garda1,dc=tlc
but I get a strange error:
Comment #6
johnbarclay CreditAttribution: johnbarclay commentedSounds like it can't find the user in the search. In your php, can you do an ldap search (see. http://us3.php.net/ldap_search) where the filter is
(&(sAMAccountName="public-ldap")
successfully?Comment #7
erasmo83 CreditAttribution: erasmo83 commentedI've try with this code:
I get this:
Comment #8
ywarnier CreditAttribution: ywarnier commentedWell, the error seems clear to me:
Comment #9
erasmo83 CreditAttribution: erasmo83 commentedHi, I've made these tests without success
cn=public-ldap,ou=service accounts,ou=Garda1UserTS,dc=garda1,dc=tlc
cn=public-ldap,dc=garda1,dc=tlc
cn=public-ldap,ou=Garda1UserTS,dc=garda1,dc=tlc
cn=public-ldap,ou=Garda1UserTS,ou=service accounts,dc=garda1,dc=tlc
Comment #10
erasmo83 CreditAttribution: erasmo83 commentedHo trovato la causa del problema: WampServer Version 2.1
Con la stessa configurazione su una macchina linux tutto è andato a buon fine.
Drupal non aveva colpe, vi ringrazio per il supporto
Comment #11
johnbarclay CreditAttribution: johnbarclay commentedvi ringrazio per la finitura fuori il problema. LDAP è un dolore.
Comment #12
ywarnier CreditAttribution: ywarnier commentedTranslation: the problem was due to WampServer Version 2.1. On a Linux server, it ran fine. The Drupal module was not the problem.
Comment #14
scsbns001 CreditAttribution: scsbns001 commentedJust installed the latest stable version for Drupal 7 ldap-7.x-1.0-beta11.
I'm getting this same error on the "Test LDAP Server Configuraion" (just saw the missing T) --
Server Properties
Apparently, the LDAP is configured that there is an entry for user "ldapsearch" that authentication must occur through to actually bind the server. I think I understand that correctly?
Yet, LDAP is going to be both for individual authentication, as well as control access to Active Directory documents that the individuals will see.
Sounded like a simple project, at the beginning.
Comment #15
johnbarclay CreditAttribution: johnbarclay commentedIn the ldap configuration, an "ldap server" is just a server configuration. If you need different bindings for different use case (authentication, provisioning, etc.) you are probably using the correct approach. Just add additional ldap server configurations with different base dns and binding methods and account as appropriate.
Does this make sense for what you are trying to do? It really depends on how your ldap is setup.
Comment #16
ywarnier CreditAttribution: ywarnier commentedOnce I got sure my config was perfect and after hours of the same kind of problem driving me crazy, I followed the recommendation in http://drupal.org/node/1623008#comment-6099148 (by John) to completely remove the module and it suddendly started working.
Just saying... it might not work, but it's definitely worth a shot.
Comment #17
Shaynes CreditAttribution: Shaynes commentedHi all,
I am the beginner of Drupal community, and I am researching configured network. When I am trying to configure LDAP in Drupal 7, I followed the instruction from .
I tried to test by the LDAP test tool to the LDAP server, it connected, but when testing with the parameters in Configure Drupal picture, I tried to fill in the password with blank or the password from users in DC, it did not work and occured the result in result message picture.
I also had question, does it need to install Certificate Authority to configure LDAP successfully?
Please help me to solve it.
Thank you
P/S: Sorry if my English is not good.
Comment #18
johnbarclay CreditAttribution: johnbarclay commentedComment #19
akeel123 CreditAttribution: akeel123 commentedHi ,
Thank you for your support regarding LDAP server and Active Directory.