
Mantis - Active Directory Authentication

Posted: 19 Sep 2014, 11:47
by Zenpower
Hello everyone,

1 - I successfully installed mantisbt 1.2.17 on a 2003 Server SP2 platform.
2 - I created a user 'udd' with administration rights.
3 - I configured Mantis with Active Directory using the following configuration:
# --- General LDAP configuration ---
$g_login_method = LDAP;
$g_ldap_protocol_version = 3;
$g_ldap_server = "ldap://xxx.xxxx.xx:389";
#$g_ldap_port = 389;
$g_ldap_bind_dn = "CN=udd,OU=DEPARTEMENT SYSTEME D'INFORMATION,DC=xxxx,DC=xx";
$g_ldap_uid_field = 'sAMAccountName';
$g_ldap_bind_passwd = 'motdepasse';
$g_ldap_root_dn = "DC=xxxx";
$g_ldap_organization = "(objectClass=*)";
$g_ldap_realname_field = 'cn';
$g_use_ldap_email = ON;
$g_allow_signup = OFF;


My problem is the following:
When I try to authenticate with the user 'udd', which does exist in my AD directory, a message is displayed indicating that the account is disabled or that the login or password is incorrect:
In the log files I have the following information:

2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=administrator))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=udd))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=administrator))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
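
Added example, not part of the original post: a small triage script for log lines in the format shown above, reporting the stage at which each login attempt stopped. The sample log is constructed (placeholder host and user name), and only messages that appear in the excerpt above are recognised.

```python
import re

# Constructed sample in the format of the excerpt above (placeholder host/user).
SAMPLE_LOG = """\
2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://dc1.example.test:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAMAccountName=alice))
2014-09-18 19:10 CEST ldap No matching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
2014-09-18 19:11 CEST ldap Binding to LDAP server
2014-09-18 19:11 CEST ldap Connection accepted by LDAP server
2014-09-18 19:11 CEST ldap Attempting bind to ldap server with username and password
"""

LINE = re.compile(r'^(\d{4}-\d\d-\d\d \d\d:\d\d) (\S+) ldap (.*)$')
FILTER = re.compile(r'^Searching for (\(.*\))$')

def attempts(log):
    """Group lines into attempts; each starts at 'Binding to LDAP server'."""
    out = []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not an ldap log line
        ts, msg = m.group(1), m.group(3)
        if msg == 'Binding to LDAP server':
            out.append({'start': ts, 'msgs': [], 'filter': None})
        elif out:
            out[-1]['msgs'].append(msg)
            f = FILTER.match(msg)
            if f:
                out[-1]['filter'] = f.group(1)
    return out

def diagnose(attempt):
    """Name the first stage that was not confirmed in the log."""
    msgs = attempt['msgs']
    if 'Connection accepted by LDAP server' not in msgs:
        return 'connect'
    if 'Bind to ldap server successful' not in msgs:
        return 'service-bind'      # bind DN / bind password not accepted
    if 'No matching entries found' in msgs:
        return 'search-no-match'   # lookup found no entry for this filter
    return 'unclassified'
```

A `search-no-match` result means the service account bound successfully and the lookup for the typed login returned nothing, so the place to look is the search base and the logged filter rather than the user's password.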

Re: Mantis - Active Directory Authentication

Posted: 22 Sep 2014, 11:54
by Nolkyz
Hello,

Did you create the users in Mantis?

Regards, Nolkyz.

Re: Mantis - Active Directory Authentication

Posted: 22 Sep 2014, 12:02
by Zenpower
Yes, I created the user "udd" in Mantis.
However, 'administrator' is the one that is created during the Mantis installation.

Re: Mantis - Active Directory Authentication

Posted: 24 Nov 2014, 21:38
by ZiZou1991
Please, what's wrong in this code?
PS: my domain is mantis.local
ou=mantis, user=zeyd

/**************************
* MantisBT LDAP Settings *
**************************/

/**
* Specifies the LDAP or Active Directory server to connect to, and must be
* provided as an URI
* - Protocol is optional, can be one of ldap or ldaps, defaults to ldap
* - Port number is optional, and defaults to 389. If this doesn't work, try
* using one of the following standard port numbers: 636 (ldaps); for Active
* Directory Global Catalog forest-wide search, use 3268 (ldap) or 3269 (ldaps)
*
* Examples of valid URI:
*
* ldap.example.com
* ldap.example.com:3268
* ldap://ldap.example.com/
* ldaps://ldap.example.com:3269/
*
* @global string $g_ldap_server
*/
$g_ldap_server = 'ldap://Server:389';

$g_ldap_port = 389;
/**
*
* @global string $g_ldap_root_dn
*/
$g_ldap_root_dn = 'ou=mantis,dc=mantis,dc=local';

/**
* e.g. '(organizationname=*Traffic)'
* @global string $g_ldap_organization
*/
$g_ldap_organization = '';

/**
* Use 'sAMAccountName' for Active Directory
* @global string $g_ldap_uid_field
*/
$g_ldap_uid_field = 'sAMAccountName';

/**
* The LDAP field for real name (i.e. common name).
* @global string $g_ldap_realname_field
*/
$g_ldap_realname_field = 'cn';

/**
* The distinguished name of the user account to use for binding to the LDAP server.
* For example, 'CN=ldap,OU=Administrators,DC=example,DC=com'.
*
* @global string $g_ldap_bind_dn
*/
$g_ldap_bind_dn = 'cn=Zeyd,ou=mantis,dc=mantis,dc=local';

/**
* The password for the service account to be used for connecting to the LDAP server.
*
* @global string $g_ldap_bind_passwd
*/
$g_ldap_bind_passwd = 'etmjf0347md.:;()';

/**
* Should we send to the LDAP email address or what MySql tells us
* @global int $g_use_ldap_email
*/
$g_use_ldap_email = ON;

/**
* Whether or not to pull the real name from LDAP.
* ON from LDAP, OFF from database.
* @global int $g_use_ldap_realname
*/
$g_use_ldap_realname = OFF;

/**
* The LDAP Protocol Version, if 0, then the protocol version is not set. For Active Directory use version 3.
*
* @global int $g_ldap_protocol_version
*/
$g_ldap_protocol_version = 3;

/**
* Determines whether the LDAP library automatically follows referrals returned by LDAP servers or not.
* This maps to LDAP_OPT_REFERRALS ldap library option. For Active Directory, this should be set to OFF.
*
* @global int $g_ldap_follow_referrals
*/
$g_ldap_follow_referrals = ON;

/**
* For development purposes, this is a configuration option that allows replacing
* the ldap communication with a comma separated text file. The text file has a line per user.
* Each line includes: user name, user real name, email, password. For production
* systems this option should be set to ''.
*/
$g_ldap_simulation_file_path = '';
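
Added example, not part of any post in this thread and not MantisBT code: a lint pass over `$g_ldap_*` settings like the ones quoted in the posts above. It checks three things: a bind password used with a non-`ldaps` URI, referrals explicitly ON together with `sAMAccountName` (the quoted comment says OFF for Active Directory), and a bind DN that lies outside the search base. The last check is a heuristic assumed here, and the sample config is constructed with placeholder values.

```python
import re

# Constructed sample modelled on the settings quoted in this thread
# (placeholder host, domain and password; not a real deployment).
SAMPLE = r'''
$g_login_method = LDAP;
$g_ldap_server = 'ldap://dc1.example.test:389';
$g_ldap_root_dn = 'DC=example';
$g_ldap_uid_field = 'sAMAccountName';
$g_ldap_bind_dn = 'CN=svc,OU=IT,DC=example,DC=test';
$g_ldap_bind_passwd = 'placeholder;secret';
#$g_ldap_port = 389;
$g_ldap_follow_referrals = ON;
'''

ASSIGN = re.compile(r'^\s*\$g_(\w+)\s*=\s*(.+?)\s*;\s*$', re.M)

def parse_config(text):
    """Return {name: value} for active $g_* assignments; '#' lines are skipped."""
    return {name: value.strip('\'"') for name, value in ASSIGN.findall(text)}

def rdns(dn):
    """Split a DN on unescaped commas, normalising case and spacing."""
    return [p.strip().lower() for p in re.split(r'(?<!\\),', dn) if p.strip()]

def lint(cfg):
    findings = []
    # No scheme means ldap, per the quoted comment; only ldaps:// gives TLS here.
    server = cfg.get('ldap_server', '').lower()
    if cfg.get('ldap_bind_passwd') and not server.startswith('ldaps://'):
        findings.append('cleartext-bind')
    # Flagged only when set explicitly; no default value is assumed.
    ad = cfg.get('ldap_uid_field', '').lower() == 'samaccountname'
    if ad and cfg.get('ldap_follow_referrals') == 'ON':
        findings.append('referrals-on-for-ad')
    # Heuristic: a service account outside the search base suggests the base
    # is not the full naming context (e.g. DC=example vs DC=example,DC=test).
    root = rdns(cfg.get('ldap_root_dn', ''))
    bind = rdns(cfg.get('ldap_bind_dn', ''))
    if root and bind and bind[-len(root):] != root:
        findings.append('bind-dn-outside-root-dn')
    return findings
```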