Redmine

Try filling the Account field in the way domain\user_account; it works for me.

Still not working.
I change the account field to
Account = testgroup\administrator
Then I login as testgroup\user1 or user1@testgroup.com, Redmine still complain about invalid user or password.
Any suggestion would be appreciate.
Thanks you for the reply and the future replies.
Please help

Check your Base DN, maybe the CN = Users is not defined or is in other location like this Base DN = OU=Admin Users,OU=Our Domain Users,DC=testgroup,DC=com.

Thanks for your help.
It is still not working.
I put
Base DN = OU=Admin Users,OU=Our Domain Users,DC=testgroup,DC=com
And login, same message.
What command in windows 2003 that I can check whether I have CN or OU?
Do I have to create the directory in server and apply security right for redmine users, if this case do I have to put the name of the directory somewhere in Base DN, now I'm not set anything.
Sorry for these basic questions, I'm newbie in Active Directory and LDAP.
Khob Khun Krub (Thanks you very much in Thai) again

Try Ldap Admin Tool, it's free to download and test, connect to the AD using de Base DN = DC=testgroup,DC=com and explore the OUs looking for the distingishedName of the location where the AD users resides.

Ldap Admin Tool is quite a good and simple Tools
Here is what I got.
Connect by Base DN = CN=users,DC=testgroup,DC=com
Attributes
sAMAccountName=user1
givenName=User1
sN=Lastname1
mail=user1@testgroup.com
Look like everything OK, I think the Server and the connection by Base DN is OK.
But the login is still not working, same message.
Here is the log from production.log

Please advice what I can do next

Sorry wrong click, let's start again.

Ldap Admin Tool is quite a good and simple Tools

Here is what I got.
Connect by Base DN = CN=users,DC=testgroup,DC=com
Attributes
sAMAccountName=user1
givenName=User1
sN=Lastname1
mail=user1@testgroup.com

Look like everything OK, I think the Server and the connection by Base DN is OK.

But the login is still not working, same message.

Here is the log from production.log
Processing AccountController#login (for 127.0.0.1 at 2008-05-28 07:44:39) [POST]
Session ID: 25a8f2957d70cff0f2def08febc2b028
Parameters: {"action"=>"login", "username"=>"testgroup\\user2", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login »"}
Rendering template within layouts/base
Rendering account/login
Completed in 0.04700 (21 reqs/sec) | Rendering: 0.01600 (34%) | DB: 0.00000 (0%) | 200 OK [http://localhost/login]

Processing AccountController#login (for 127.0.0.1 at 2008-05-28 07:44:56) [POST]
Session ID: 25a8f2957d70cff0f2def08febc2b028
Parameters: {"action"=>"login", "username"=>"user2@testgroup.com", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Login »"}
Rendering template within layouts/base
Rendering account/login
Completed in 0.03200 (31 reqs/sec) | Rendering: 0.00000 (0%) | DB: 0.00000 (0%) | 200 OK [http://localhost/login]

Please advice what I can do next.
Thanks thanks in advance.

One more detail, when login Ldapadmin I have to select GSS-API without SSL or SASL, Simple authentication choice not work, with or without SSL.

so to be clear you CAN authenticate against your LDAP server using LDAPadmin with credentials:
Account = administrator@testgroup.com
Password = xxxxxxxxxxx
Base DN = CN=users,DC=testgroup,DC=com

Correct?

Yes I can authenticate against my LDAP Server using LDAPadmin with
Accoun = administrator@testgroup.com
password = xxxxxxx
Base DN = CN=users,DC=testgroup,DC=com
I can see the user accounts and all its attributes.
Something different, now I can login with simple authentication if I use 'administrator@testgroup.com'.
Previously I use 'administrator', in this case I need to use GSS-API authentication without SSL or SASL.
Any suggestion ?

I'm seeing the exact same issue with our Windows 2003 Small Business Server Domain controller. LdapAdmin can connect only when gss-api is checked and not with simple encryption. Looking at Ruby's Net::LDAP module that Redmine uses, it seems to only be able to do simple authentication. Has anyone got any further with this?

Spam removed by Mischa...