Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for 3.0? #36

Open
mroe1234 opened this issue Oct 7, 2016 · 9 comments
Open

Support for 3.0? #36

mroe1234 opened this issue Oct 7, 2016 · 9 comments

Comments

@mroe1234
Copy link

mroe1234 commented Oct 7, 2016

Before I start my upgrade, should this plug-in work with 3.0?
@robrotheram
Copy link

So take this at a grain of salt for your use case but I have gotten this plugin to work on taiga v 3.0. Since I was setting up a new tiaga instalation with a new ldap server so I had no data to migrate between versions. I am also using new small openldap server with 2 users. But I had no errors in the instaltion of this plugin so it may work in your case

@leonidas-o
Copy link

I cannot authenticate using this module in the current taiga version. I've done all described in the readme.
Here I'm not sure about the two properties:

LDAP_SERVER and LDAP_SEARCH_PROPERTY.

Until now, I've got some applications using ldap, but all they need was something like ldap_bind_dn, ldap_bind_password, ldap_search_base or the ldap_port. So here I'm using the same settings but for the two properties mentionend above, I can not compare to the settings of the running apps.

I would like to use the email address as username. I've tried it with:

  1. For LDAP_SERVER I've entered: ldap://ldap.domain.tld
    Here I just entered the same values as I'm using at the end, inside the LDAP_SEARCH_BASE -> dc=domain,dc=tld
    not quite sure If this is correct, or is it possible to find that values somewhere inside phpldapadmin?
  2. Tried several possibilities like:
    LDAP_SEARCH_PROPERTY = 'sAMAccountName',
    LDAP_SEARCH_PROPERTY = 'mail',
    LDAP_SEARCH_PROPERTY = 'cn',
    LDAP_SEARCH_PROPERTY = 'uid'

Am I missing something?

@mroe1234
Copy link
Author

Here is my working LDAP config for 2.0:

LDAP_SERVER = 'ldap://nis.domain.local'
LDAP_PORT = 389
LDAP_SEARCH_BASE = 'dc=domain,dc=local'
LDAP_SEARCH_PROPERTY = 'uid'
LDAP_SEARCH_SUFFIX = None # '@example.com'

LDAP_EMAIL_PROPERTY = 'mail'
LDAP_FULL_NAME_PROPERTY = 'cn'

On 10/13/2016 12:39 PM, Leo wrote:

I cannot authenticate using this module in the current taiga version. I've done all described in the
readme.
Here I'm not sure about the two properties:

LDAP_SERVER and LDAP_SEARCH_PROPERTY.

Until now, I've got some applications using ldap, but all they need was something like ldap_bind_dn,
ldap_bind_password, ldap_search_base or the ldap_port. So here I'm using the same settings but for
the two properties mentionend above, I can not compare to the settings of the running apps.

I would like to use the email address as username. I've tried it with:

For LDAP_SERVER I've entered: ldap://ldap.domain.tld
Here I just entered the same values as I'm using at the end, inside the LDAP_SEARCH_BASE ->
dc=domain,dc=tld
not quite sure If this is correct, or is it possible to find that values somewhere inside
phpldapadmin?

Tried several possibilities like:
LDAP_SEARCH_PROPERTY = 'sAMAccountName',
LDAP_SEARCH_PROPERTY = 'mail',
LDAP_SEARCH_PROPERTY = 'cn',
LDAP_SEARCH_PROPERTY = 'uid'

Am I missing something?


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#36 (comment), or mute the
thread
https://github.com/notifications/unsubscribe-auth/AG10p8KIKFr7d_cyK1kcBUZad0xmfnA1ks5qzl6wgaJpZM4KRXzC.

@leonidas-o
Copy link

@mroe1234 so you are using your user names to login, in my case i would just change that to mail. Right now I'm also set it to uid for testing purposes. Where is this "nis" comming from ('ldap://nis.domain.local'). I've left it on 'ldap://ldap.domain.local'. Can I somewhere look that up?

@mroe1234
Copy link
Author

yes, you can change the attribute you want to use for 'username' to whatever you want.
nis.domain.local is the DNS name for my ldap server.

On 10/13/2016 01:46 PM, Leo wrote:

@mroe1234 https://github.com/mroe1234 so you are using your user names to login, in my case i
would just change that to mail. Right now I'm also set it to uid for testing purposes. Where is this
"nis" comming from ('ldap://nis.domain.local'). I've left it on 'ldap://ldap.domain.local'. Can I
somewhere look that up?


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#36 (comment), or mute the
thread
https://github.com/notifications/unsubscribe-auth/AG10p3LG_58ZG84I0JtsKFWt3liDBUzlks5qzm5rgaJpZM4KRXzC.

@leonidas-o
Copy link

yeah, okay got it. Was the LDAP_SERVER property, so authentication via uid is working but not using mail. Have you ever tested it via mail?

@flyingcircle
Copy link
Collaborator

Yes this is a known issue: #18

@leonidas-o
Copy link

@flyingcircle no not really. As I see, this issue is about invitation email. I'm talking about to use LDAP_SEARCH_PROPERTY = 'mail' instead of the username. So that each user should use his ldap email as username to log in. I will open a new issue for that.

@ffwd-txnx
Copy link

I see @lorsulic opened #37 for their issue.

As to OP, it works for us using Taiga 3.0 and taiga-contrib-ldap-auth v0.1.1. This is a direct installation of Taiga 3.0, though, not an upgrade from 2.0.

@mroe1234 I guess I'd also recommend using displayName (if possible) for LDAP_FULL_NAME_PROPERTY - see superuser.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@leonidas-o @robrotheram @flyingcircle @mroe1234 @ffwd-txnx