Active directory Authentication 1.2.12
Moderators: Developer, Contributor
Active directory Authentication 1.2.12
Hi, I'm a new user, and I'm doing a project about mantisbt 1.2.12 for my institute.
I have one machine with windows server 2003 where I have my users in Active directory;
And another machine with Centos 5.8 where I have installed mantisbt.
I will like to use the users of active directory to login mantis.
Can someone explain me how to doit please?
srry for my english, I'm not so good with that language =D
I have one machine with windows server 2003 where I have my users in Active directory;
And another machine with Centos 5.8 where I have installed mantisbt.
I will like to use the users of active directory to login mantis.
Can someone explain me how to doit please?
srry for my english, I'm not so good with that language =D
Re: Active directory Authentication 1.2.12
I read all file config_default_inc and I saw this variables:
$g_ldap_server = my_domain.org;
$g_ldap_root_dn = 'dc=my_domain,dc=org';
$g_ldap_organization = 'domain';
$g_ldap_uid_field = 'sAMAccountName'; *I don't know why this myst be sAMAccountName
$g_ldap_realname_field = 'name';maybe the name of machina that have active directory?
$g_ldap_bind_dn = 'CN=Administrator,OU=Users,DC=domain,DC=org';
$g_ldap_bind_passwd = 'password';
$g_login_method = LDAP;
Can someone Say me if with this changes I could log in mantis with active direcory users?
$g_ldap_server = my_domain.org;
$g_ldap_root_dn = 'dc=my_domain,dc=org';
$g_ldap_organization = 'domain';
$g_ldap_uid_field = 'sAMAccountName'; *I don't know why this myst be sAMAccountName
$g_ldap_realname_field = 'name';maybe the name of machina that have active directory?
$g_ldap_bind_dn = 'CN=Administrator,OU=Users,DC=domain,DC=org';
$g_ldap_bind_passwd = 'password';
$g_login_method = LDAP;
Can someone Say me if with this changes I could log in mantis with active direcory users?
Re: Active directory Authentication 1.2.12
Not working for me either - My config is:
$g_login_method = LDAP;
$g_ldap_server = '192.168.1.1:3268';
$g_ldap_root_dn = 'DC=euro,DC=example,DC=com';
$g_ldap_bind_dn = 'DC=euro,DC=example,DC=com';
$g_ldap_protocol_version = 3;
$g_ldap_follow_referrals = OFF;
$g_ldap_uid_field = 'sAMAccountName';
$g_use_ldap_email = ON;
$g_use_ldap_realname = ON;
$g_log_level = LOG_LDAP;
$g_log_destination = 'file:c:\xampp\htdocs\mantisbt\mantisbt.log';
In the browser I get the following error:
SYSTEM WARNING: 'ldap_search(): Search: Operations error' in 'C:\xampp\htdocs\mantisbt-1.2.14\core\ldap_api.php' line 358
and in the LDAP_LOG logs the following:
2013-02-13 16:42 CET ldap Binding to LDAP server
2013-02-13 16:42 CET ldap Attempting connection to LDAP URI '192.168.168.1:3268'.
2013-02-13 16:42 CET ldap Connection accepted by LDAP server
2013-02-13 16:42 CET ldap Setting LDAP protocol version to 3
2013-02-13 16:42 CET ldap Attempting anonymous bind to ldap server
2013-02-13 16:42 CET ldap Bind to ldap server successful
2013-02-13 16:42 CET ldap Searching for (&(sAMAccountName=SteveC))
2013-02-13 16:42 CET ldap ERROR #1: Operations error
2013-02-13 16:42 CET ldap ldap search failed
Any clue what might be going wrong?
$g_login_method = LDAP;
$g_ldap_server = '192.168.1.1:3268';
$g_ldap_root_dn = 'DC=euro,DC=example,DC=com';
$g_ldap_bind_dn = 'DC=euro,DC=example,DC=com';
$g_ldap_protocol_version = 3;
$g_ldap_follow_referrals = OFF;
$g_ldap_uid_field = 'sAMAccountName';
$g_use_ldap_email = ON;
$g_use_ldap_realname = ON;
$g_log_level = LOG_LDAP;
$g_log_destination = 'file:c:\xampp\htdocs\mantisbt\mantisbt.log';
In the browser I get the following error:
SYSTEM WARNING: 'ldap_search(): Search: Operations error' in 'C:\xampp\htdocs\mantisbt-1.2.14\core\ldap_api.php' line 358
and in the LDAP_LOG logs the following:
2013-02-13 16:42 CET ldap Binding to LDAP server
2013-02-13 16:42 CET ldap Attempting connection to LDAP URI '192.168.168.1:3268'.
2013-02-13 16:42 CET ldap Connection accepted by LDAP server
2013-02-13 16:42 CET ldap Setting LDAP protocol version to 3
2013-02-13 16:42 CET ldap Attempting anonymous bind to ldap server
2013-02-13 16:42 CET ldap Bind to ldap server successful
2013-02-13 16:42 CET ldap Searching for (&(sAMAccountName=SteveC))
2013-02-13 16:42 CET ldap ERROR #1: Operations error
2013-02-13 16:42 CET ldap ldap search failed
Any clue what might be going wrong?
-
- Posts: 408
- Joined: 28 Jan 2011, 18:47
- Location: France
- Contact:
Re: Active directory Authentication 1.2.12
hello
try adding :
$g_ldap_organization = '(objectClass=*)';
try adding :
$g_ldap_organization = '(objectClass=*)';
Lapinkiller,
French PHP developer
New look for your mantis : http://www.mantisbt.org/forums/viewtopi ... =4&t=20055
French PHP developer
New look for your mantis : http://www.mantisbt.org/forums/viewtopi ... =4&t=20055
Re: Active directory Authentication 1.2.12
As an alternative there is the ADlogin plugin which makes logging on very transparent. You can find it on the bugtracker ( http://www.mantisbt.org/bugs/view.php?id=12627 )
Re: Active directory Authentication 1.2.12
Hello,
I encounter same problem with my fresh install of mantis 1.2.17
My configuration:
I have previously install the php5-ldap package and create an account with a domain user.
During the login process, the following error appears: SYSTEM WARNING: 'ldap_search(): Search: Operations error' in '/usr/share/mantis/mantisbt-1.2.17/core/ldap_api.php' line 358
In the log:
Thx for your help.
I encounter same problem with my fresh install of mantis 1.2.17
My configuration:
Code: Select all
# --- LOG ---
$g_log_level = LOG_LDAP;
$g_log_destination = 'file:/var/log/mantis/mantisbt.log';
# --- AD Auth ---
$g_login_method = LDAP;
$g_ldap_server = 'ldap://pdc:389';
$g_ldap_root_dn = 'dc=DOMAIN,dc=LOCAL';
$g_ldap_bind_dn = 'DOMAIN\\ldap_bind';
$g_ldap_bind_passwd ='pass';
$g_ldap_organization = '';
$g_ldap_protocol_version = 3;
$g_ldap_uid_field = 'sAMAccountName';
$g_use_ldap_email = ON;
During the login process, the following error appears: SYSTEM WARNING: 'ldap_search(): Search: Operations error' in '/usr/share/mantis/mantisbt-1.2.17/core/ldap_api.php' line 358
In the log:
Code: Select all
2014-03-05 09:28 UTC ldap Binding to LDAP server
2014-03-05 09:28 UTC ldap Attempting connection to LDAP URI 'ldap://pdc:389'.
2014-03-05 09:28 UTC ldap Connection accepted by LDAP server
2014-03-05 09:28 UTC ldap Setting LDAP protocol version to 3
2014-03-05 09:28 UTC ldap Attempting bind to ldap server with username and password
2014-03-05 09:28 UTC ldap Bind to ldap server successful
2014-03-05 09:28 UTC ldap Searching for (&(sAMAccountName=username))
2014-03-05 09:28 UTC ldap ERROR #1: Operations error
2014-03-05 09:28 UTC ldap ldap search failed
Re: Active directory Authentication 1.2.12
Hello,
I have found the solution.
The problem is in my ldap root dn:
$g_ldap_root_dn = 'DC=domain,DC=local'; doesn't work
$g_ldap_root_dn = 'OU=XXX,DC=domain,DC=local'; works
But, this previous root dn parameter works with GLPI and Redmine...
Thx.
I have found the solution.
The problem is in my ldap root dn:
$g_ldap_root_dn = 'DC=domain,DC=local'; doesn't work
$g_ldap_root_dn = 'OU=XXX,DC=domain,DC=local'; works
But, this previous root dn parameter works with GLPI and Redmine...
Thx.
Re: Active directory Authentication 1.3
I had been running Mantis 1.2 with the adLogin plugin working just fine. Now I installed Mantis 1.3 and the same plugin no longer seems to work. I created the directory under "plugins" and unpacked the plugin, then I edited the "core" config file per the instructions.
What am I doing wrong? It doesn't show up int he plugins config screen with either "install" or "uninstall" link and it doesn't seem to be working at all.
What am I doing wrong? It doesn't show up int he plugins config screen with either "install" or "uninstall" link and it doesn't seem to be working at all.
Re: Active directory Authentication 1.2.12
Did you also implemented, as described iun the issue:
This plugin uses the function auth_attempt_script_login, which in the past was enough for getting access.
As of version 1.2.x this function offers less functionality than before.
This function is available in core\authentication_api.php
In order to overcome this, one needs to add 3 lines at the end of this function:
# set the cookies
$p_perm_login=false;
auth_set_cookies( $t_user_id, $p_perm_login );
auth_set_tokens( $t_user_id );
Add these just before the comment line stating:
# ok, we're good to login now (around line 279)
In addition, one can uncomment the line:
# user_increment_login_count( $t_user_id );
It should look like:
user_increment_login_count( $t_user_id );
In that case still all logins are counted.
The change mentioned above can bring additional security risks in case you Mantis is on the WWW opposite an intranet.
This plugin uses the function auth_attempt_script_login, which in the past was enough for getting access.
As of version 1.2.x this function offers less functionality than before.
This function is available in core\authentication_api.php
In order to overcome this, one needs to add 3 lines at the end of this function:
# set the cookies
$p_perm_login=false;
auth_set_cookies( $t_user_id, $p_perm_login );
auth_set_tokens( $t_user_id );
Add these just before the comment line stating:
# ok, we're good to login now (around line 279)
In addition, one can uncomment the line:
# user_increment_login_count( $t_user_id );
It should look like:
user_increment_login_count( $t_user_id );
In that case still all logins are counted.
The change mentioned above can bring additional security risks in case you Mantis is on the WWW opposite an intranet.
Re: Active directory Authentication 1.2.12
Yes I did all those things.
Re: Active directory Authentication 1.2.12
I am not using 1.3 but expect that there is some change in functions used. Possibly the pluin itself needs small adjustments based upon 1.3
Re: Active directory Authentication 1.2.12
Just to follow up, the actual problem was that the AD plugin was not actually installed according to Mantis (Manage Plugins screen). It needed to have it's code updated by increasing the Core version requirement. Once that was done the Install link appeared in the Mantis plugins screen, and after clicking Install (and following the above config items) everything worked properly!
Re: Active directory Authentication 1.2.12
You are correct here, found the same issue in preparing the plugin for version 2.0