Author Topic: LDAP Authentication  (Read 361 times)

neoscopiopt

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
LDAP Authentication
« on: April 12, 2019, 11:25:15 am »
Hi,

I recently installed Zentyal in a computer to go as a server. More recently, I installed OwnCloud in another computer to be kind of a OwnCloud server. I want my "office" to login without having to always put their passwords. However, I can't authenticate LDAP. In the OwnCloud User Authentication page it appears Host, Port, User DN, Password and One Base DN per line. I've tried it many ways.
What information should I put in each parameter?

Informations about my Zentyal Server:
  • 2 Network Interfaces: 10.0.0.1/255.255.255.0 (Internal) and 192.168.1.100/255.255.255.0 (External). Range of the Internal - .50 to .99. Range of the External - .150 to .199
  • 2 Gateways: 192.168.1.254 (default) and 10.0.0.254
  • DHCP is activated with the 2 Network Interfaces, with both being with Search Domain as the Zentyal Server
  • DNS is 1.1.1.1

Regards,
Neoscopio

BerT666

  • Zen Warrior
  • ***
  • Posts: 215
  • Karma: +7/-0
    • View Profile
Re: LDAP Authentication
« Reply #1 on: April 15, 2019, 01:30:14 pm »
Hi,

I do not run OwnCloud, but Nextcloud...

There it looks like this:
CN=[User Name for Lookup],CN=Users(OU with users),DC=[Domainname],DC=[TLD]

BaseDN = DC=[Domainname],DC=[TLD]

() is for explanatuion
[] has to be adapted to the setup

Regards

Thomas

neoscopiopt

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: LDAP Authentication
« Reply #2 on: April 16, 2019, 12:27:44 pm »
Hi,

I do not run OwnCloud, but Nextcloud...

There it looks like this:
CN=[User Name for Lookup],CN=Users(OU with users),DC=[Domainname],DC=[TLD]

BaseDN = DC=[Domainname],DC=[TLD]

() is for explanatuion
[] has to be adapted to the setup

Regards

Thomas

Hi,

Thanks for the quick reply. I've tried that, nothing.
Then, I tried the command ldapsearch -h ldaphostname -p 389 -x -b "dc=splunkers,dc=com" and it gives me the following:
# extended LDIF
#
# LDAPv3
# base <dc=neoscopio,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 1 Operations error
text: 00002020: Operation unavailable without authentication

# numResponses: 1

With authentication, ldapsearch -h neoscopio1.neoscopio.net -p 389 -x -D "cn=tiago,cn=users,dc=neoscopio,dc=net" -b "dc=neoscopio,dc=net" -W, it returns the following, after inserting password:
ldap_bind: Invalid credentials (49)
        additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

LDAP Information (Zentyal Server):
  • Base DN is: DC=neoscopio,DC=net
  • Default Users DN is: CN=Users,DC=neoscopio,DC=net
  • Default Groups DN is:  CN=Users,DC=neoscopio,DC=net.

Regards
« Last Edit: April 16, 2019, 12:54:18 pm by neoscopiopt »

BerT666

  • Zen Warrior
  • ***
  • Posts: 215
  • Karma: +7/-0
    • View Profile
Re: LDAP Authentication
« Reply #3 on: April 17, 2019, 01:02:28 pm »
For testing (when I setup my cloud), I created an LDAP User for the "LDAP Lookup" [can only "read" the LDAP].

Looking at your error message, you should add the credentials of an LDAP user that can do the lookup.

Or the problem is "splunkers" vs "neoscopio" ...

Regards

Thomas