LDAP Support in Mantis

[Naatan]

Hi,

I know that mantis supports ldap up to a certain degree, but it isn't documented anywhere in any way up to what degree this is and basically how it works?!

My question, is it possible at this point to have both database and LDAP accounts authenticate to Mantis? Also, I saw in another thread that you had to create all your LDAP user in the mantis DB in order for them to login.. but this defeats the very purpose of integrating Mantis with LDAP, if you still have to create the users in the DB.. what's the point?!

I have managed to setup Mantis with LDAP, but I can't login with any LDAP logins, it just says "Your account may be disabled or blocked or the username/password you entered is incorrect".

Note that I am using Active Directory.

My config:

Code: Select all

        $g_login_method = LDAP;
        $g_ldap_protocol_version = 3;
        $g_ldap_server = 'ldap://domain.local/';
        $g_ldap_port = '389';
        $g_ldap_root_dn = 'dc=domain,dc=local';
        $g_ldap_organisation = 'domain';
        $g_ldap_uid_field = 'sAMAccountName';
        $g_ldap_bind_dn = 'CN=User Name,OU=Regular,OU=Users,OU=DomainName,DC=domain,DC=local';
        $g_ldap_bind_passwd = '******';

[Naatan]

Sadly it seems Mantis isn't actively supported, with a thread going without answers for a week.

I've by now developed my own login script which authenticates the user over Active Directory and then adds the user (if it isnt in the db already) to the database, after that it simply sets the Mantis cookie, if Authentication failed it will try authenticating over the Mantis database instead.

This is the way it should function in the first place though, if you ask me.

[RedOne]

Hi Naatan,

I've the same problematic so I am interested by your script.
Can you send it by mail please ?

Thanks

[Devslashnull]

I just recently got LDAP working with Mantis and your configuration below is incorrect

Code: Select all

            $g_login_method = LDAP;
            $g_ldap_protocol_version = 3;
            $g_ldap_server = 'ldap://domain.local/';
            $g_ldap_port = '389';
            $g_ldap_root_dn = 'dc=domain,dc=local';
            $g_ldap_organisation = 'domain';
            $g_ldap_uid_field = 'sAMAccountName';
            $g_ldap_bind_dn = 'CN=User Name,OU=Regular,OU=Users,OU=DomainName,DC=domain,DC=local';
            $g_ldap_bind_passwd = '******';

use the following

Code: Select all

            $g_login_method = LDAP;
            $g_ldap_protocol_version = 3;
            $g_ldap_server = 'ldap://domain.local/';
            $g_ldap_port = '389';
            $g_ldap_root_dn = 'cn=users,dc=domain,dc=local';
            $g_ldap_organisation = 'domain';
            $g_ldap_uid_field = 'sAMAccountName';
            $g_ldap_bind_dn = 'systemAccount';  # A system account to login to LDAP
            $g_ldap_bind_passwd = '******';         # System account password

note that you will need to add cn=users to the $g_ldap_root_dn and you should use an account that has access to ldap to login and check that the user exists.

I just did this against W2k3 AD machine and it worked without a problem.

[karthik085]

Hi,

It took me a quite a while to figure out the problem with Mantis-LDAP authentication & auto-creation. I post my experience hoping it will help others and LDAP is supported better in the future, I recommend reading these 2 particular post also:
#418 on http://manual.mantisbt.org/manual.confi ... cation.php
http://www.mantisbt.org/forums/viewtopi ... 2439#p7148

Question: Facing connection problems?
Answer: I had set my port on $g_ldap_port and server on $g_ldap_server.
eg:
$g_ldap_server = 'ldap://<HOSTNAME>';
$g_ldap_port = '<PORT>;
this turned out to be a connection problem. Solution is to:
$g_ldap_server = 'ldap://<HOSTNAME>:<PORT>';
Ignore $g_ldap_port

Question: LDAP authentication requires accounts to be manually created first
Answer: I creation a similar solution before realizing there already existed one
http://www.mantisbt.org/bugs/view.php?id=5595

[ranjanpatro83]

Hi all,
I am searching for LDAP functionality for Mantis. I took version 1.1.7. In this, I could not find any "function is_password_match $f_username, $p_test_password, $p_password )" in "core/user_API.php" (http://manual.mantisbt.org/manual.custo ... s.ldap.php). The settings are in "config_defaults_inc.php". There is a file "core/ldap_api.php" but even this does not have the function. I set them, but they did not work.


APPLICATION ERROR #1404
LDAP Extension Not Loaded.

Please use the "Back" button in your web browser to return to the previous page. There you can correct whatever problems were identified in this error or select another action. You can also click an option from the menu bar to go directly to a new section.

There was a suggestion to put port number along with domain,
$g_ldap_server = 'ldap://10.11.7.55/:389';
#$g_ldap_port = '389';#originalValue='636';

but his gave to following error, along with the above error
Previous non-fatal errors occurred. Page contents follow.
.
.
.
APPLICATION WARNING #100: Configuration option "ldap_port" not found.


Can any one help me out.

[Kirill]

Your server must have ldap extension for php