[OpenXPKI-users] unable to get LDAP auth working against AD

Thu, 05 Nov 2020 14:53:42 -0800 

hello again!
I feel like I'm getting closer to a working deployment :) Thanks for the
recent help with my translation issue.

I'm trying to get LDAP (against Active Directory) working.

when I try to authenticate in OpenXPKI, there's never an attempt made in
AD. I cannot tell if that's related to LDAPS/SSL or a config option.

stack:
Demosec_AD:
    description: I18N_OPENXPKI_CONFIG_AUTH_STACK_DESCRIPTION_USER
    handler: demologin

handler:
demologin:
   type: Connector
   label: AD Login DZ Sec
   description: I18N_OPENXPKI_CONFIG_AUTH_HANDLER_DESCRIPTION_PASSWORD
   role: User
   source: connector:auth.connector.demo-ad

connectors:
demo-ad:
    class: Connector::Builtin::Authentication::LDAP
    LOCATION: ldap://lmy.ad.server
    port: 636
    debug: true
    use_tls: true
    capath: /usr/local/etc/openxpki/config.d/realm/demo/chain.pem
    base: cn=Users,dc=dzuser,dc=net
    binddn: cn=service,Users,dc=dzuser,dc=net
    password: <My long complex password>
    filter: "(|(userPrincipalName=[% LOGIN %])"

In the logs, I see the attempt on the webui.log but nothing in the AD logs
at at all...
webui.log
2020/11/05 14:48:59 INF Start fcgi loop 44233, config:
/usr/local/etc/openxpki/webui/default.conf [pid=44233|sid=[undef]]
2020/11/05 14:48:59 DEB check for cgi session, fcgi pid 44233
[pid=44233|sid=[undef]]
2020/11/05 14:48:59 DEB session id (front) is
0e01f59dd339de36c47d412807db122a [pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB Use provided client instance [pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB First session reinit with id
guxlIbcf6xGI5sMKjmfNZQ== [pid=44233|sid=0e01]
2020/11/05 14:48:59 INF Resume backend session with id
guxlIbcf6xGI5sMKjmfNZQ== [pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB current session status GET_PASSWD_LOGIN
[pid=44233|sid=0e01]
2020/11/05 14:48:59 INF not logged in - doing auth - page is  - action is
login!password [pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB Selected realm , new status GET_PASSWD_LOGIN
[pid=44233|sid=0e01]
2020/11/05 14:48:59 INF Requested login type PASSWD [pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB Seems to be an auth try - validating
[pid=44233|sid=0e01]
2020/11/05 14:48:59 DEB request handled [pid=44233|sid=0e01]
2020/11/05 14:48:59 INF end fcgi loop 44233 [pid=44233|sid=0e01]

_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users






















					Reply via email to