Unable to connect to our LDAP

Prashanthmallu · 2018-10-15 08:55:44 UTC

Hi,

we have many Third Party softwares integrated to our ADS active directory. They all seems to work normally.

But we are unable to connect to our LDAP using Gitea. I have gone through the document and tried various option.

can someone help us on this?

balibebas · 2018-10-15 13:06:59 UTC

To get help you’re probably going to have to provide more details or try asking on Stack Overflow unless you’re ready to buck up some cash for someone’s time.

Prashanthmallu · 2018-10-15 17:27:12 UTC

2018/10/15 14:32:06 [D] Template: home
2018/10/15 14:32:08 [D] Session ID: ab8bb5242b2770d0
2018/10/15 14:32:08 [D] CSRF Token: PYovUfQ1-ncppPXh79nmZV34Pss6MTUzOTU5NDEyNjU3MDAwMTUwMA==
2018/10/15 14:32:08 [D] Template: user/auth/signin
2018/10/15 14:32:18 [D] Session ID: ab8bb5242b2770d0
2018/10/15 14:32:18 [D] CSRF Token: PYovUfQ1-ncppPXh79nmZV34Pss6MTUzOTU5NDEyNjU3MDAwMTUwMA==
2018/10/15 14:32:18 [T] Dialing LDAP with security protocol (0) without verifying: false
2018/10/15 14:32:18 [T] LDAP will use BindDN.
2018/10/15 14:32:18 [T] Search for LDAP user: prasanth
2018/10/15 14:32:18 [D] Failed to bind as BindDN[CN=gitadmin,Users,DC=dsrc,DC=in]: LDAP Result Code 49 “Invalid Credentials”: 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
2018/10/15 14:32:18 [W] Failed to login ‘prasanth’ via ‘ldap-test1’: user does not exist [uid: 0, name: prasanth, keyid: 0]
2018/10/15 14:32:18 [D] Template: user/auth/signin
2018/10/15 14:32:18 [I] Failed authentication attempt for prasanth from [::1]

Prashanthmallu · 2018-10-15 19:14:44 UTC

okay thanks for the info

balibebas · 2018-10-16 07:06:47 UTC

No problem. Hope you’re able to figure it out. They’re may be some Issues on GitHub you can search through to help find your answer. Try searching for “LDAP” in the Git repo and if you do figure it out let us know how you did it here. Best of luck!

Prashanthmallu · 2018-10-16 08:26:23 UTC

we got it working now, Thanks

zane_shus · 2018-10-22 19:30:12 UTC

What did you do to get it working. I am in the same situation.

jsmigiel · 2019-01-02 23:52:45 UTC

These are example settings that worked for me to authenticate with an Active Directory server:

Authentication Type:
LDAP (via BindDN)

Security Protocol:
Unencrypted

Host:
myserver.myexample.com

Port:
389

User Search Base:
CN=Users,DC=myexample,DC=com

Bind DN:
myreadonlyuser@myexample.com

Bind Password:
password1234

User filter:
(&(sAMAccountName=%s)(objectCategory=Person)(memberOf=CN=Gitea-group,DC=myexample,DC=com)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))

Admin filter:
(memberOf=CN=GiteaAdmins-group,DC=myexample,DC=com)

First name attribute:
givenName

Surname attribute:
sn

Email attribute:
mail

obohovyk · 2019-01-12 15:45:20 UTC

Hi everyone! the only one working solution I found for me is in attachment. It uses FreeIPA 4.4.
Main problem was in User Search Base.