LDAP Trouble

[jsteel]

Hi,

I have a Debian install with Mantis 1.1.6+dfsg-2lenny1.

I'm trying to get Active Directory authentication working using LDAP. I followed the steps here (http://www.mantisbt.org/wiki/doku.php/m ... 0directory) but I am stuck with the following error:

APPLICATION ERROR #1400 LDAP Authentication Failed.

I've seen similar posts here, but none have helped me resolve this problem. Below is my configuration. Any help would be greatly appreciated. Thank you.

$g_login_method = LDAP;
$g_ldap_server = 'ldap://10.11.12.13';
$g_ldap_port = 389;
$g_ldap_root_dn = 'ou=users,dc=mydomain,dc=internal';
$g_ldap_bind_dn = 'cn=myuser,dc=mydomain,dc=internal';
$g_ldap_bind_passwd = 'mypassword';
$g_ldap_organization = '';
$g_use_ldap_email = ON;
$g_ldap_protocol_version = 3;
$g_ldap_uid_field= 'sAMAccountName';

[deboutv]

Did you try an ldapsearch from the webserver host with the same parameter to make sure that the issue is really coming from Mantis?

[jsteel]

Thanks, I've been looking into this. I've tried the following:

ldapsearch -x -H ldap://10.11.12.13:389 -D adminuser -w adminpassword "(uid=administrator)"

But I get this (below). I've tried searching using different credentials and searching for other uid, cs, sn etc. but I keep getting the same response. Do you think the servers are blocking my requests? Is there something I can try changing on the Windows servers to allow the searching to work?
Maybe I need to specify where to search, such as a specific OU. How would I specify this? Thanks.

# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (cn=swradmin)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
text: 0000208D: NameErr: DSID-031001A8, problem 2001 (NO_OBJECT), data 0, bes
t match of:
''

[jsteel]

I got past that problem with:

ldapsearch -x -H ldap://10.11.12.13:389 -D adminuser -w adminpassword -b "dc=domain,dc=internal" "(cn=administrator)"

After changing the username to match the layout above, and removing the OU entry it works!

Thanks for pointing me in the right direction.

[jsteel]

It's working well, but the errors below are shown:

1) sometimes when viewing the login page
2) always after logging out
3) always with a failed login attempt
4) sometimes randomly in a table (next to a username)

SYSTEM WARNING: ldap_search() [function.ldap-search]: Search: Operations error
SYSTEM WARNING: ldap_get_entries(): supplied argument is not a valid ldap result resource
SYSTEM WARNING: ldap_free_result(): supplied argument is not a valid ldap result resource

Any ideas with this? Thanks

[vboctor]

This seems to me like a bug. It may actually be related to http://www.mantisbt.org/bugs/view.php?id=10944

[PeasantKing]

Hi Guys/Gals,

Looking to switch over our development bug tracking to mantis. Got Mantis 1.18 with everything up and going on Ubuntu 9.10. I have the same errors come up at the login page and when I log in I get the following:

SYSTEM WARNING: ldap_search() [function.ldap-search]: Search: Operations error

SYSTEM WARNING: ldap_get_entries(): supplied argument is not a valid ldap result resource

SYSTEM WARNING: ldap_free_result(): supplied argument is not a valid ldap result resource

Is there solution to this problem? Can some one help? This is the last road block to switch over to Mantis.

I can use the CLI ldapsearch and get results back with the same setting that I have in the config_inc.php. I have included this below for completeness.

Any help would be appreciated thanks,

Corey

Code: Select all

	$g_login_method = LDAP;
	# --- using openldap -------------
	$g_ldap_server			= 'ldap://192.168.50.14:389';
	$g_ldap_port			= '389';
	$g_ldap_root_dn		= 'DC=network,DC=com';
	$g_ldap_organization		= '';    # e.g. '(organizationname=*Traffic)'
	$g_ldap_uid_field		= 'sAMAccountName'; # Use 'sAMAccountName' for Active Directory
	$g_ldap_bind_dn		= 'xxx@network.com';
	$g_ldap_bind_passwd		= 'xxxxx';

	$g_use_ldap_email		= OFF; # Should we send to the LDAP email address or what MySql tells us

	# The LDAP Protocol Version, if 0, then the protocol version is not set.
	$g_ldap_protocol_version = 0;