LDAP issues (not getting any error output)

Ask community to help.

Moderators: Amaradana, TurboPT, TL Developers

LDAP issues (not getting any error output)

Postby gcomeau » Mon Feb 11, 2019 5:12 pm

I am currently trying to get LDAPS working between our testlink application and our active directory DC. I am having some troubles getting either LDAP or LDAPS working based on the sample configuration provided in the read me.

Below is my configuration:

Code: Select all
$tlCfg->authentication['method'] = 'LDAP';

$tlCfg->authentication['ldap'] = array();
$tlCfg->authentication['ldap'][1]['ldap_server'] = 'dc.example.com';
$tlCfg->authentication['ldap'][1]['ldap_port'] = '389';
$tlCfg->authentication['ldap'][1]['ldap_version'] = '3'; // could be '2' in some cases
$tlCfg->authentication['ldap'][1]['ldap_root_dn'] = 'OU=Domain Users,OU=test,DC=example,DC=com';
$tlCfg->authentication['ldap'][1]['ldap_bind_dn'] = 'CN=svcTEST, OU=OrgUnit, DC=example, DC=com'; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap'][1]['ldap_bind_passwd'] = 'xxxxxxxxxxxxxx'; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap'][1]['ldap_tls'] = false; // true -> use tls

// Following configuration parameters are used to build
// ldap filter and ldap attributes used by ldap_search()
//
// filter => "(&$t_ldap_organization($t_ldap_uid_field=$t_username))";
// attributess => array( $t_ldap_uid_field, 'dn' );
//
// This can be used to manage situation like explained on post on forum:
// ActiveDirectory + users in AD group
//
// $tlCfg->authentication['ldap'][1]['ldap_organization'] = ''; // e.g. '(organizationname=*Traffic)'
$tlCfg->authentication['ldap'][1]['ldap_uid_field'] = 'sAMAccountName'; // Use 'sAMAccountName' for Active Directory

// Configure following fields in custom_config.inc.php according your configuration
/*$tlCfg->authentication['ldap'][1]['ldap_email_field'] = 'mail';
$tlCfg->authentication['ldap'][1]['ldap_firstname_field'] = 'givenname';
$tlCfg->authentication['ldap'][1]['ldap_surname_field'] = 'sn';
*/

// Follows Mantisbt idea.
// True if user does not exist on DB, but can be get from LDAP,
// the user will be created AUTOMATICALLY with default user role.
// Create user with following data from LDAP
// mail
// name
// surname
$tlCfg->authentication['ldap_automatic_user_creation'] = false;


The odd thing is, that when I use ldapsearch from my centos box where testlink is setup and try to connect to the active directory dc, I am receiving valid credentials from the dc.

Code: Select all
ldapsearch -x -LLL -p 389 -h dc1.example.com -D svcTest -w xxxxxxxxxxxxx -b "OU=Domain Users,OU=test,DC=example,DC=com"


I am getting all the active directory accounts from the OU that I want, as an example:

Code: Select all
dn: CN=Gil Tea,OU=Retired,OU=Robotics,OU=Domain Users,OU=TEST,
 DC=example,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Gil Tea
sn: Tea
title: Electrical Engineer
description: Robotics
facsimileTelephoneNumber: +9999999999
givenName: Gil


I am not getting any of value out of the testlink, nginx, php-fpm error logs. I have been trying to capture packets to the ports but still have not be able to debug the issue yet. If someone could point me in the right direction, it would be apprecicated.
gcomeau
TestLink user
 
Posts: 8
Joined: Wed Feb 06, 2019 6:06 pm

Re: LDAP issues (not getting any error output)

Postby gcomeau » Mon Feb 11, 2019 7:18 pm

So the setup only works properly if:
$tlCfg->authentication['ldap_automatic_user_creation'] = false;

Is set to:
$tlCfg->authentication['ldap_automatic_user_creation'] = true;

Not sure why this is the case? Can this be set up without the flag enabled?
gcomeau
TestLink user
 
Posts: 8
Joined: Wed Feb 06, 2019 6:06 pm

Re: LDAP issues (not getting any error output)

Postby fman » Wed Feb 13, 2019 10:57 am

Hmm, very strange I'm going to check what control is failing.
Things have to work no matter this attribute value
fman
Member of TestLink Community
 
Posts: 3062
Joined: Tue Nov 15, 2005 7:19 am


Return to Installation and configuration



Who is online

Users browsing this forum: No registered users and 3 guests