semaphore icon indicating copy to clipboard operation
semaphore copied to clipboard
verified publisher icon semaphoreui

Issue with LDAP

Open tonyyu85 opened this issue 3 years ago • 2 comments

Hi,

I am running to issue when config the following LDAP setting and getting the Invalid Credentials error. It will be great if someone can help with this error? Current Semaphore version is 2.7.22.

   "ldap_binddn": "CN=svc-ldapuser,OU=Service Accounts,OU=Servers,OU=User Groups,DC=pc,DC=factset,DC=com",
    "ldap_bindpassword": "password",
    "ldap_server": "ldap.com:389",
    "ldap_searchdn": "OU=Corporate,DC=pc,DC=factset,DC=com",
    "ldap_searchfilter": "(&(sAMAccountName=%s))",
    "ldap_mappings": {
            "dn": "distinguishedName",
            "mail": "userPrincipalName",
            "uid": "sAMAccountName",
            "cn": "cn"
    },

Apr 05 19:59:59 semaphore[15214]: time="2022-04-05T19:59:59Z" level=info msg="LDAP Result Code 49 "Invalid Credentials": 80090308: LdapErr: DSID...v2580\x00"

tonyyu85 avatar Apr 05 '22 20:04 tonyyu85

Hi @tonyyu85 ,

  1. try to use newer version of Semaphore
  2. Example of LDAP setup: https://gist.github.com/fiftin/a697b2a88722ebd4ef1293bd5d7bbc88

fiftin avatar Apr 06 '22 08:04 fiftin 

   "ldap_binddn": "CN=svc-ldapuser,OU=Service Accounts,OU=Servers,OU=User Groups,DC=pc,DC=factset,DC=com",
    "ldap_bindpassword": "password",
    "ldap_server": "ldap.com:389",

Please use ldapwhoami tool and check if your binddn works.

ldapwhoami\
  -H ldap://ldap.com:389\
  -D "CN=svc-ldapuser,OU=Service Accounts,OU=Servers,OU=User Groups,DC=pc,DC=factset,DC=com"\
  -x\
  -W

It will ask interactively for the password and should return error code 0 and echo out the DN as specified.

flybyray avatar Sep 09 '22 20:09 flybyray

Hi @tonyyu85 ,

Have you solved your issue?

fiftin avatar Nov 06 '22 14:11 fiftin