
LDAP user not working

Open Knoppix1 opened this issue 1 month ago • 3 comments


Description: I'm encountering an issue with LDAP user connection in Teampass after upgrading from v2 to version 3.xxx, although the LDAP connection itself seems to work (I can see all my AD users in the Users > LDAP Sync page).

  • I've enabled synchronization for a user, but I continue to receive an error.
  • I deleted the user and recreated them, but the error persists.
  • My LDAP server is only accessible via LDAPS.

Key Details:

  • Teampass Version: 3.1.5.13
  • LDAP Configuration: LDAP search command (ldapsearch) works fine, and the CA certificate is correctly integrated into the Linux system.
  • Error during LDAP test: "An error occurred while opening connection to AD server"

I’ve tried the following steps:

  1. Ensured that LDAPS is configured correctly.
  2. Verified the CA certificate is installed and recognized by the system.
  3. Checked that the connection to the LDAP server is functional using other tools (like ldapsearch).
  4. Tried deleting and recreating the user in Teampass.

Despite these checks, the issue remains unresolved. Has anyone else faced a similar issue or could offer suggestions on troubleshooting the LDAP sync?

Debian 12.12, PHP 8.4.15, LDAP server: AD/Windows Server 2022


Knoppix1 avatar Dec 15 '25 15:12 Knoppix1

LDAPS needs an AD CS using port 686 :)

guerricv avatar Dec 15 '25 16:12 guerricv

> LDAPS needs an AD CS using port 686 :)

Correct, but more precisely 636 ;) I forgot to switch it back to 636 after my numerous attempts!!! I tried 389 for the STARTTLS negotiation, but the result is the same. The worst part is that if I break the password or the CN, it can no longer retrieve my LDAP users... It's completely baffling; I can't find any logs to enable like on v2.

Knoppix1 avatar Dec 15 '25 18:12 Knoppix1

You are right, I did that some time ago now :)

Have you succeeded with that? Your setup seems OK; I checked against mine, where I'm also using LDAPS without any problem. The only point I'm not sure about in your setup is the filter. Have you tried to remove it? On my side, I'm using an AD group to permit access and to sync with Teampass, with something like (memberOf:1.2.840.113556.1.4.1941:=CN=GRP_APP_TeamPass,OU=Remote Apps User,OU=Groups,DC=xxxx,DC=xxxxx). Maybe you can first try to remove your filter? Also, have you got an error or something in the dev tools?

guerricv avatar Dec 16 '25 13:12 guerricv