Zentyal Forum, Linux Small Business Server

Zentyal Server => Directory and Authentication => Topic started by: neoscopiopt on April 12, 2019, 11:25:15 am

Title: LDAP Authentication
Post by: neoscopiopt on April 12, 2019, 11:25:15 am

Hi,

I recently installed Zentyal in a computer to go as a server. More recently, I installed OwnCloud in another computer to be kind of a OwnCloud server. I want my "office" to login without having to always put their passwords. However, I can't authenticate LDAP. In the OwnCloud User Authentication page it appears Host, Port, User DN, Password and One Base DN per line. I've tried it many ways.
What information should I put in each parameter?

Informations about my Zentyal Server:

• 2 Network Interfaces: 10.0.0.1/255.255.255.0 (Internal) and 192.168.1.100/255.255.255.0 (External). Range of the Internal - .50 to .99. Range of the External - .150 to .199
• 2 Gateways: 192.168.1.254 (default) and 10.0.0.254
• DHCP is activated with the 2 Network Interfaces, with both being with Search Domain as the Zentyal Server
• DNS is 1.1.1.1

Regards,
Neoscopio

Title: Re: LDAP Authentication
Post by: BerT666 on April 15, 2019, 01:30:14 pm

Hi,

I do not run OwnCloud, but Nextcloud...

There it looks like this:
CN=[User Name for Lookup],CN=Users(OU with users),DC=[Domainname],DC=[TLD]

BaseDN = DC=[Domainname],DC=[TLD]

() is for explanatuion
[] has to be adapted to the setup

Regards

Thomas

Title: Re: LDAP Authentication
Post by: neoscopiopt on April 16, 2019, 12:27:44 pm

Quote from: BerT666 on April 15, 2019, 01:30:14 pm

Hi,

I do not run OwnCloud, but Nextcloud...

There it looks like this:
CN=[User Name for Lookup],CN=Users(OU with users),DC=[Domainname],DC=[TLD]

BaseDN = DC=[Domainname],DC=[TLD]

() is for explanatuion
[] has to be adapted to the setup

Regards

Thomas

Hi,

Thanks for the quick reply. I've tried that, nothing.
Then, I tried the command ldapsearch -h ldaphostname -p 389 -x -b "dc=splunkers,dc=com" and it gives me the following:
# extended LDIF
#
# LDAPv3
# base <dc=neoscopio,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 1 Operations error
text: 00002020: Operation unavailable without authentication

# numResponses: 1

With authentication, ldapsearch -h neoscopio1.neoscopio.net -p 389 -x -D "cn=tiago,cn=users,dc=neoscopio,dc=net" -b "dc=neoscopio,dc=net" -W, it returns the following, after inserting password:
ldap_bind: Invalid credentials (49)
        additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

LDAP Information (Zentyal Server):

• Base DN is: DC=neoscopio,DC=net
• Default Users DN is: CN=Users,DC=neoscopio,DC=net
• Default Groups DN is:  CN=Users,DC=neoscopio,DC=net.

Regards

Title: Re: LDAP Authentication
Post by: BerT666 on April 17, 2019, 01:02:28 pm

For testing (when I setup my cloud), I created an LDAP User for the "LDAP Lookup" [can only "read" the LDAP].

Looking at your error message, you should add the credentials of an LDAP user that can do the lookup.

Or the problem is "splunkers" vs "neoscopio" ...

Regards

Thomas