I can't get LDAP to work

Posted: 26 Jan 2009, 20:04
by Treikayan
Hello,

I am having a hard time getting LDAP to work with our Mantis. One problem involves users being in different OUs. For instance, we have "OU=Administrators,OU=USA,DC=domain,DC=local" and we also have users here in "OU=Users,OU=USA,DC=domain,DC=local." How do I set up $g_ldap_bind_dn in the "config_inc.php" file? Here are my settings for "config_inc.php."

        # --- LDAP Settings
        $g_login_method = LDAP;
        $g_ldap_server = "ldap://clehbdc01.broadvox.local:389/";

        $g_ldap_root_dn = "dc=broadvox,dc=local";
        $g_allow_signup = OFF;
        $g_use_ldap_email = OFF;
        $g_lost_password_feature = OFF;
        $g_ldap_bind_dn = "ou=Users,ou=USA,dc=broadvox,dc=local";
        $g_ldap_uid_field = "sAMAccountName";
        $g_ldap_port = 389;
        $g_ldap_bind_passwd = '';

How would I also modify the "core/ldap_api.php" file as well? Before we implemented the LDAP settings, we had two users in the system who could log on. After the LDAP settings took effect, those same two users were able to log in, but I tried adding other users to the system. None of those users could log on via LDAP. Here are my "core/ldap_api.php" settings:

        function ldap_authenticate( $p_user_id, $p_password ) {
            # A blank password is rejected before any bind is attempted
            if ( is_blank( $p_password ) ) {
                return false;
            }

            $t_ldap_host = config_get( 'ldap_server' );
            $t_ldap_port = config_get( 'ldap_port' );
            $t_ldap_rdn = config_get( 'ldap_root_dn' );
            $t_ldap_bnd = config_get( 'ldap_bind_dn' );

            $t_ds = ldap_connect( $t_ldap_host, $t_ldap_port ) or die( 'Unable to connect to LDAP server<br />' );

            $t_user = user_get_field( $p_user_id, 'realname' ); // This checks the user's real name instead of the username
            $t_uname = user_get_field( $p_user_id, 'username' );

            # The bind DN is built from the real name plus the configured ldap_bind_dn
        #   $binddn = "CN=$t_user ($t_uname),$t_ldap_rdn";
            $binddn = "CN=$t_user,$t_ldap_bnd";

            $t_authenticated = false;
            if ( @ldap_bind( $t_ds, $binddn, $p_password ) ) {
                $t_authenticated = true;
            }

            return $t_authenticated;
        }

Whenever a user tries to log in they see, "Your account may be disabled or blocked or the username/password you entered is incorrect."
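
The function in the post builds the bind DN as CN=<real name> under one fixed OU, so only accounts in that OU with a matching CN can bind. The following is an added example, not part of the original post and not MantisBT's own code, of the usual alternative, search-then-bind: look the account up by its uid field under the root DN, then bind as the DN the directory returns. The function names and the service-account parameters are assumptions, and PHP's ldap extension is required.

```php
<?php
// Added example (hypothetical helper names, not MantisBT code).

// Build the search filter with the login name escaped, so characters such as
// "*", "(", ")" and "\" cannot change the meaning of the filter.
function build_user_filter(string $uidField, string $username): string
{
    return sprintf('(%s=%s)', $uidField, ldap_escape($username, '', LDAP_ESCAPE_FILTER));
}

// Search-then-bind: find the user's DN anywhere under $rootDn, then bind as it.
// $svcDn / $svcPassword belong to a read-only service account (assumption).
function ldap_search_then_bind(
    string $server, string $rootDn, string $uidField,
    string $svcDn, string $svcPassword,
    string $username, string $password
): bool {
    // An empty password turns a simple bind into an unauthenticated bind,
    // which many servers accept; never treat that as a successful login.
    if ($username === '' || $password === '') {
        return false;
    }
    $ds = ldap_connect($server);
    if ($ds === false) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); // do not chase referrals from a root-DN search

    // 1. Bind as the service account so the directory can be searched.
    if (!@ldap_bind($ds, $svcDn, $svcPassword)) {
        return false;
    }
    // 2. A subtree search from the root DN covers every OU below it.
    $filter = build_user_filter($uidField, $username);
    $result = @ldap_search($ds, $rootDn, $filter, [$uidField]);
    if ($result === false || ldap_count_entries($ds, $result) !== 1) {
        return false; // no match, or more than one
    }
    $userDn = ldap_get_dn($ds, ldap_first_entry($ds, $result));
    if ($userDn === false) {
        return false;
    }
    // 3. Re-bind as the user's own DN with the password that was supplied.
    $ok = @ldap_bind($ds, $userDn, $password);
    ldap_unbind($ds);
    return $ok;
}
```

A simple bind over ldap:// on port 389 sends the password unencrypted; ldaps:// or StartTLS protects it in transit.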