Defect #1185
closedLogin using Mac OS X OpenDirectory (LDAP) not working
100%
Description
Hi,
I've setup a LDAP Auth Source using a Mac OS X server open directory (LDAP). The connection test is successful (using the link on the page). Anyway, I can't get login with my user / password. Please find the settings I've used :
- Create accounts on the fly => true
- Login => RecordName
- FirstName => RealName
- LastName => LastName
- Email => EmailAddress
By the way, Open Directory on mac os X 10.4 (not tested on 10.5) does not provide serared firstname and lastname. The name is combined in RealName (ex: "Jean-Philippe Lang").
I always get a "Invalid user or password" Error when I try to login with a ldap account (local accounts work fine).
Thanks,
Philippe
Updated by Philippe Lafoucrière over 16 years ago
also tried with :
- Create accounts on the fly => true
- Login => uid
- FirstName => cn
- LastName => sn
- Email => mail
with same result (can't login using ldap).
Updated by Philippe Lafoucrière over 16 years ago
Ok problem (almost) solved :
The account (cf RedmineLDAP) was incorrect (I did not provide full information for this account, like uid=diradmin,cn=user,dc=site,dc=com).
Anyway, I leave the bug open, since the test method seems to be always happy, even with wrong LDAP params (port, etc.).
Updated by Jean-Philippe Lang over 16 years ago
- Priority changed from High to Normal
Thanks for the feedback.
I'll change the test method to do an LDAP search query.
Updated by Philippe Lafoucrière over 16 years ago
Hi Jean-Philippe,
maybe this could take place in the wiki also ? It's not so obvious to setup redmine against a Mac OS X opendirectory.
I can provide the pages if you want.
Regards,
Philippe
Updated by Robert Cerny over 16 years ago
Hi,
I'm running Redmine 0.6.3 and still can't find a way how to allow users authenticate via LDAP hosted on OS X Server 10.4. I tried to enable debugging of DirectoryService on the server but get no details from Redmine. Do I understand correctly that Philippe got it to work?
Updated by Philippe Lafoucrière over 16 years ago
hi Robert,
yes I got it to work. You have to be careful of the params you provide to connect to your Open Directory Server, since the connexion test will be (almost) OK.
Please find the parameters I've used :
NAME : whateveryouwant
Host : yourhost...
Port : 636 with SSL (if you have enabled SSL for LDAP - "Server Admin" tool is your friend here)
account : uid=diradmin,cn=users,dc=mysite,dc=com => be careful to provide a valid user here, and pay attention to base DN (dc=mysite,dc=com to be replaced by your base)
password : ...
cn=users,dc=mysite,dc=com
I've enabled on the fly user creation, and, as specified in the wiki, your users MUST have a valid LDAP account (=> with an email address !)
then :
Login => uid
FirstName => cn
LastName => sn
Email => mail
Let me know if it helps, I'll provide a wiki page when I return of my holidays.
Cheers,
Philippe
Updated by Robert Cerny over 16 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
Hello Philippe,
thanks for your help, my server is now authenticating as requested. My problem was in the account settings, the base DN was missing there. Please send me link to the new wiki page when you create it
Updated by Philippe Lafoucrière over 16 years ago
hi Robert,
I'm glad it's working now.
I'll update this ticket in ~2 weeks when the patch for the wiki page is ready.
Regards,
Philippe
Updated by Daniel Felix about 12 years ago
Well, it seems that this Ticket could be closed too?
Updated by Etienne Massip about 12 years ago
- Status changed from Resolved to Closed
- Resolution set to Fixed
Updated by Mark Copal almost 9 years ago
I registered here just to give a solution for this issue, as it still shows up in Google as top result (after all these years).
The above is almost right except for the Firstname Attribute, as this is a bit odd in the regular LDAP naming scheme:
Firstname attribute: givenName
My working setup, to get search results for up-to-date systems:
OS
Mac OS X 10.11.1 (El Capitan)
Bitnami Redmine Stack 3.1.2.
Mac OS X Server 5.0.15
Xcode Service for hosting repositories
Open Directory for LDAP