View Issue Details

IDProjectCategoryView StatusLast Update
0027892mantisbtldappublic2021-01-31 05:47
Reporteramangion Assigned Todregad  
PriorityhighSeverityminorReproducibilityhave not tried
Status closedResolutionno change required 
PlatformLinuxOSUbuntuOS Version20.04 lts
Product Version2.24.4 
Summary0027892: Ldap integration
Description

Hello, sorry for the question here, but I have searched without getting an answer about the integration of Mantisbt to the active directory.

the problem is that it gives me the following error:
APPLICATION ERROR # 1401 Connection to LDAP server failed

I do not know what to do.

questions:
1- the active directory is essential an ssl certificate so that it can authenticate to the active directory?

2- the only file that is configured on the server is the one in the path /mantisbt/config/config_inf.php?

    # ------------------------------------------------- --------
    # LDAP authentication configuration
    # ------------------------------------------------- --------
    / * we want to use LDAP auth * /

/ ** $ g_login_method = LDAP;

    $ g_ldap_server = 'ldap: //something-ldap-gc.something.es: 3268';
    $ g_ldap_root_dn = 'DC = fega, DC = dom';
    $ g_ldap_bind_dn = 'cn = XaaXaa, cn = Users, dc = user, dc = dom';
    $ g_ldap_bind_passwd = '123456';

    / * we don't want the users to be able to sign-up via mantis * /

$ g_allow_signup = OFF; // Modified authentication_api.php file to avoid creating an account automatically if the user is in LDAP

$ g_use_ldap_email = ON;

    / * we don't want false mantis lost password feature * /

$ g_lost_password_feature = OFF;

    $ g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT | LOG_DATABASE;

$ g_log_destination = 'file: /usr/share/mantisbt/mantisbt.log';

    $ g_ldap_protocol_version = 3;
    $ g_ldap_uid_field = 'sAMAccountName'; # Use 'sAMAccountName' for Active Directory - this is the name of the attribute used to search a user

3- Apache must configure a file and / or module to achieve the integration?

thanks for your answers and help.

it is an Ubuntu 20.04 tls server
php 7.4
mantisbt 2.24.4

TagsNo tags attached.

Activities

amangion

amangion

2021-01-19 05:27

reporter   ~0065012

I have already advanced a bit now it indicates the following error:

2021-01-19 11:24 CET LDAP ldap_api.php: 285 ldap_get_field_from_username () Retrieving field 'mail' for 'user'
2021-01-19 11:24 CET LDAP ldap_api.php: 285 ldap_get_field_from_username () Retrieving field 'mail' for 'user'
2021-01-19 11:24 CET LDAP ldap_api.php: 212 ldap_cache_user_data () Retrieving data for 'user' from LDAP server
2021-01-19 11:24 CET LDAP ldap_api.php: 67 ldap_connect_bind () Attempting connection to LDAP server / URI 'ldaps: //xxaa-ldap-gc.xxx.xx:443/'.
2021-01-19 11:24 CET LDAP ldap_api.php: 76 ldap_connect_bind () Connection accepted by LDAP server
2021-01-19 11:24 CET LDAP ldap_api.php: 89 ldap_connect_bind () Setting LDAP protocol version to 3
2021-01-19 11:24 CET LDAP ldap_api.php: 111 ldap_connect_bind () Attempting bind to ldap server as 'XaXAaXA@xxx.xxx'
2021-01-19 11:24 CET LDAP ldap_api.php: 124 ldap_connect_bind () Bind to ldap server successful
2021-01-19 11:24 CET LDAP ldap_api.php: 235 ldap_cache_user_data () Searching for (& (sAMAccountName = user))
2021-01-19 11:24 CET LDAP ldap_api.php: 267 ldap_cache_user_data () Unbinding from LDAP server

dregad

dregad

2021-01-19 09:40

developer   ~0065013

amangion,

Once again, our bug tracker is not a support channel, it is used to report defects in the software.

This is not a bug or feature request for MantisBT (you are asking for help on how to configure the system). I am therefore resolving this issue as "no change required".

Please use the forums to get support on customizing and using MantisBT (refer to http://www.mantisbt.org/support.php for links and further details).

PS: I see no errors in the sample log file you posted.

amangion

amangion

2021-01-20 09:02

reporter   ~0065017

Tengo el siguiente bug:

He realizado la integraciĆ³n del mantis al Ldap, pero despues de ingresar con 4 usuarios el valor que toma es el del "administrator", cuando deberia de ser por ejempo "trtest6"

envio log para visualizarlo mejor:

2021-01-20 14:59 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0022',
)
2021-01-20 14:59 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 14:59 CET DB user_api.php:704 user_get_id_by_name() array (
0 => 'SELECT * FROM mantis_user_table WHERE username=\'administrator\'',
1 => '0.0007',
)
2021-01-20 14:59 CET LDAP ldap_api.php:327 ldap_authenticate_by_username() Binding to LDAP server
2021-01-20 14:59 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI 'ldaps://xxxx-ldap-xx.xxxx.xx:443/'.
2021-01-20 14:59 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2021-01-20 14:59 CET LDAP ldap_api.php:79 ldap_connect_bind() Setting LDAP protocol version to 3
2021-01-20 14:59 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2021-01-20 14:59 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2021-01-20 14:59 CET LDAP ldap_api.php:335 ldap_authenticate_by_username() Searching for (&(sAMAccountName=administrator))
2021-01-20 14:59 CET LDAP ldap_api.php:367 ldap_authenticate_by_username() No matching entries found
2021-01-20 14:59 CET LDAP ldap_api.php:370 ldap_authenticate_by_username() Unbinding from LDAP server
2021-01-20 14:59 CET LDAP ldap_api.php:397 ldap_authenticate_by_username() Authentication failed
2021-01-20 14:59 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0005',
)
2021-01-20 14:59 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 14:59 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0024',

con el usuario que se esta intentando ingresar alli es con trtest6 no con administrator y en el sAMAccountName toma el del "administrator"

en algun lugar se estara quedando cacheado algun dato, del administrator?

amangion

amangion

2021-01-20 09:13

reporter   ~0065018

There in that log it shows that I am trying to start with trtest6 and it throws all that log when trying to enter with that user, it is like doing a double request one with the user that one writes and another with the administrator:

2021-01-20 15:10 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0006',
)
2021-01-20 15:10 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0022',
)
2021-01-20 15:10 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 15:10 CET DB user_api.php:704 user_get_id_by_name() array (
0 => 'SELECT FROM mantis_user_table WHERE username=\'trtest6\'',
1 => '0.0006',
)
2021-01-20 15:10 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0004',
)
2021-01-20 15:10 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 15:10 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0024',
)
2021-01-20 15:10 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0004',
)
2021-01-20 15:10 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0028',
)
2021-01-20 15:10 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 15:10 CET DB user_api.php:704 user_get_id_by_name() array (
0 => 'SELECT
FROM mantis_user_table WHERE username=\'trtest6\'',
1 => '0.0006',
)
2021-01-20 15:10 CET DB user_api.php:704 user_get_id_by_name() array (
0 => 'SELECT FROM mantis_user_table WHERE username=\'trtest6\'',
1 => '0.0005',
)
2021-01-20 15:10 CET LDAP ldap_api.php:327 ldap_authenticate_by_username() Binding to LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI 'ldaps://xxxx-ldap-xx.xxxx.xx:443/'.
2021-01-20 15:10 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:79 ldap_connect_bind() Setting LDAP protocol version to 3
2021-01-20 15:10 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2021-01-20 15:10 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2021-01-20 15:10 CET LDAP ldap_api.php:335 ldap_authenticate_by_username() Searching for (&(sAMAccountName=trtest6))
2021-01-20 15:10 CET LDAP ldap_api.php:367 ldap_authenticate_by_username() No matching entries found
2021-01-20 15:10 CET LDAP ldap_api.php:370 ldap_authenticate_by_username() Unbinding from LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:397 ldap_authenticate_by_username() Authentication failed
2021-01-20 15:10 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0004',
)
2021-01-20 15:10 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0020',
)
2021-01-20 15:10 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0008',
)
2021-01-20 15:10 CET DB user_api.php:704 user_get_id_by_name() array (
0 => 'SELECT
FROM mantis_user_table WHERE username=\'administrator\'',
1 => '0.0006',
)
2021-01-20 15:10 CET LDAP ldap_api.php:327 ldap_authenticate_by_username() Binding to LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI 'ldaps://xxxx-ldap-xx.xxxx.xx:443/'.
2021-01-20 15:10 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:79 ldap_connect_bind() Setting LDAP protocol version to 3
2021-01-20 15:10 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2021-01-20 15:10 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2021-01-20 15:10 CET LDAP ldap_api.php:335 ldap_authenticate_by_username() Searching for (&(sAMAccountName=administrator))
2021-01-20 15:10 CET LDAP ldap_api.php:367 ldap_authenticate_by_username() No matching entries found
2021-01-20 15:10 CET LDAP ldap_api.php:370 ldap_authenticate_by_username() Unbinding from LDAP server
2021-01-20 15:10 CET LDAP ldap_api.php:397 ldap_authenticate_by_username() Authentication failed
2021-01-20 15:10 CET DB database_api.php:161 db_connect() array (
0 => 'SET NAMES UTF8',
1 => '0.0004',
)
2021-01-20 15:10 CET DB plugin_api.php:935 plugin_register_installed() array (
0 => 'SELECT basename, priority, protected FROM mantis_plugin_table WHERE enabled=\'1\' ORDER BY priority DESC',
1 => '0.0005',
)
2021-01-20 15:10 CET DB config_api.php:728 config_cache_all() array (
0 => 'SELECT config_id, user_id, project_id, type, value, access_reqd FROM mantis_config_table',
1 => '0.0020',

dregad

dregad

2021-01-20 11:35

developer   ~0065019

Can you confirm which page you're loading to get that log ?

If it's login_page.php and you have $g_admin_checks = ON (which is the out-of-the-box setting), then we check that the password for the default administrator user has been changed from the initial value. This check is normal, and nothing to worry about.

Why do you set LOG_DATABASE and LOG_EMAIL* ? This is useless unless when debugging, and unnecessarily loading your server.

As a side note, you indicated using 2.24.4 but the line numbers from your log don't match. Looks like <= 2.23.1

amangion

amangion

2021-01-21 04:22

reporter   ~0065020

I miss the version, I attach an image of the version that is installed.

I will do some tests regarding the login, to see if it is resolved.

question can I disable $ g_admin_checks = ON - >>
$ g_admin_checks = OFF?

1Captura.PNG (12,647 bytes)   
1Captura.PNG (12,647 bytes)   
2Captura.PNG (15,149 bytes)   
2Captura.PNG (15,149 bytes)