LDAP authentication and configuration

Ask community to help.

Moderators: Amaradana, TurboPT, TL Developers

LDAP authentication and configuration

Postby solex_kagepogu » Thu Dec 10, 2015 6:01 am

I'm new to TestLink. I want to configure LDAP in the TestLink of Version - 1.9.14. Can anyone brief the steps to follow for proper authentication. When i tried it showing Wrong Username and Password in the Login Page. I made the below code changes. Can you please verify it.

Code: Select all
$tlCfg->authentication['method'] = 'LDAP';

$tlCfg->authentication['ldap_server'] = 'ldap_server_ip';
$tlCfg->authentication['ldap_port'] = 'ldap_port';
$tlCfg->authentication['ldap_version'] = '3'; // could be '2' in some cases
$tlCfg->authentication['ldap_root_dn'] = 'DC=sample,DC=company,DC=local';
$tlCfg->authentication['ldap_bind_dn'] = 'CN=myname,CN=Users,DC=sample,DC=company,DC=local'; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap_bind_passwd'] = 'password'; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap_tls'] = false; // true -> use tls


$tlCfg->authentication['ldap_organization'] = ''; // e.g. '(organizationname=*Traffic)'
$tlCfg->authentication['ldap_uid_field'] = 'mysAMAccountName'; // Use 'sAMAccountName' for Active Directory

$tlCfg->authentication['ldap_realname_field'] = 'uid';


User prinncipal name in LDAP is : my.name@sample.company.local .

Can anyone help me regarding this issue
solex_kagepogu
TestLink user
 
Posts: 6
Joined: Tue Dec 08, 2015 11:33 am

Re: LDAP authentication and configuration

Postby fman » Thu Dec 10, 2015 6:55 am

1) Please confirm if you are using ACTIVE DIRECTORY or other LDAP Server
2) To do debug is VERY IMPORTANT/CRITIC that you try to access to your ACTIVE DIRECTORY / LDAP Server using an LDAP BROWSER,
this will allow you to test different configuration to be sure config is OK, before trying to use LDAP on TestLink.

3) Critic piece is
$tlCfg->authentication['ldap_uid_field']

because what you will type ON LOGIN FIELD, ON TESTLINK LOGIN SCREEN on user name will be searched on this attribute on the LDAP Tree
without ANY PREFIX OR SUFFIX ADDED.

Till you do not do CHECKS indicated on step (2), no other help can be provided.
fman
Member of TestLink Community
 
Posts: 3014
Joined: Tue Nov 15, 2005 7:19 am

Re: LDAP authentication and configuration

Postby solex_kagepogu » Mon Dec 14, 2015 5:56 am

Hi fman,

I'm using ACTIVE DIRECTORY. I tested those credentials with Softerra LDAP browser and those are working fine.
Could you please brief about the steps to follow for LDAP Authentication from end-to-end and if possible provide some reference links.

Regards
solex_kagepogu
TestLink user
 
Posts: 6
Joined: Tue Dec 08, 2015 11:33 am

Re: LDAP authentication and configuration

Postby fman » Mon Dec 14, 2015 6:57 am

I'm using since 2 years ACTIVE DIRE auth without issues.
IN order to help you you need to provide here the detailes test that you have done with the LDAP BROWSER because IMHO I guess your problem is with the username is passed to ACTIVE DIRECTORY.
Without this info no help can be provided.
fman
Member of TestLink Community
 
Posts: 3014
Joined: Tue Nov 15, 2005 7:19 am

Re: LDAP authentication and configuration

Postby solex_kagepogu » Tue Dec 15, 2015 12:24 pm

Please brief the steps to follow initially for AD authentication in Testlink. Please check the details below which i passed in LDAP browser.
Parameters i supplied in LDAP Browser

Hostname : ldap_server_ip
Port : 389
Protocol : LDAP v3
Base DN : DC=sample,DC=company,DC=local
Authentication Method : Simple Authentication
User DN : CN=my name,CN=Users,DC=sample,DC=company,DC=local
Password : Password

When i made a search by "sAMAccountName" as "my.name" i got following details
sAMAccountName : my.name
User Principal Name : my.name@sample.company.local
cn : my name
subSchemaSubEntry : CN=Aggregate,CN=Schema,CN=Configuration,DC=sample,DC=company,DC=local.

and i'm passing Username in the Testlink login screen as "my.name"

Are there any pre-conditions for authentication with AD? If so notify me.
solex_kagepogu
TestLink user
 
Posts: 6
Joined: Tue Dec 08, 2015 11:33 am

Re: LDAP authentication and configuration

Postby fman » Tue Dec 15, 2015 3:26 pm

$tlCfg->authentication['ldap_uid_field'] = 'mysAMAccountName'; <<<< NO GOOD is just a typo error ?

$tlCfg->authentication['ldap_uid_field'] = 'sAMAccountName'; // RIGHT CONFIG

and for
$tlCfg->authentication['ldap_bind_dn'] = 'User4Bind'; SIMPLE VALUE <******
fman
Member of TestLink Community
 
Posts: 3014
Joined: Tue Nov 15, 2005 7:19 am

Re: LDAP authentication and configuration

Postby solex_kagepogu » Tue Dec 15, 2015 4:14 pm

shall i put
$tlCfg->authentication['ldap_uid_field'] = 'sAMAccountName';
(or)
$tlCfg->authentication['ldap_uid_field'] = 'my.name';

I didn't get you for $tlCfg->authentication['ldap_bind_dn'] = 'User4Bind'; SIMPLE VALUE <******.
What does it mean? I'm using like this.
$tlCfg->authentication['ldap_bind_dn'] = 'CN=my name,CN=Users,DC=sample,DC=company,DC=local';

Is it correct or not?
solex_kagepogu
TestLink user
 
Posts: 6
Joined: Tue Dec 08, 2015 11:33 am

Re: LDAP authentication and configuration

Postby fman » Tue Dec 15, 2015 6:53 pm

IMHO comments in config are clear
This is what you need to configure
$tlCfg->authentication['ldap_uid_field'] = 'sAMAccountName';

ldap_uid_field means what attribute on the entity present on the Directory Tree has to be used as username


I didn't get you for $tlCfg->authentication['ldap_bind_dn'] = 'User4Bind'; SIMPLE VALUE <******.
simple value means that YOU HAVE TO USE the plain username.
OK Maybe the name ldap_bind_dn is not very clear

hope now things are not clear
fman
Member of TestLink Community
 
Posts: 3014
Joined: Tue Nov 15, 2005 7:19 am


Return to Installation and configuration



Who is online

Users browsing this forum: No registered users and 4 guests

cron