- Posts: 10
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
LDAP authentication AD Problem
- sherry721
- Topic Author
- Offline
- New Member
Less
More
7 years 1 month ago #148443
by sherry721
LDAP authentication AD Problem was created by sherry721
I'm trying to configure LimeSurvey Version 2.59.1+170116 to lookup in Active Directory via ldap and query users. (LimeSurvey server is Ubuntu 16.04, AD Server is Windows 2012 R2)
I tried all kind of configurations, including LdapSoftware to test quarry users. Currently I still can't configure the plug-in to be able to query windows users logon name from the domain via one of the Domain Controllers.
Also created AD users with rights to read over required users OU's and created same user with same password in Limesurvey, still can't query.
I'm attaching picture of my Ldap plugin configuration and the error I get. Tried all kind of configurations, even manual config of the ldap.php config.php files and still wasn't able to query. Any help will really appreciated!
Will be really helpful if someone can take screenshot of working ldap plugin module configuration with Active Directory users bind!
P.S. Attached screenshot of the ldap module config and error I get.
Thanks in advance!
I tried all kind of configurations, including LdapSoftware to test quarry users. Currently I still can't configure the plug-in to be able to query windows users logon name from the domain via one of the Domain Controllers.
Also created AD users with rights to read over required users OU's and created same user with same password in Limesurvey, still can't query.
I'm attaching picture of my Ldap plugin configuration and the error I get. Tried all kind of configurations, even manual config of the ldap.php config.php files and still wasn't able to query. Any help will really appreciated!
Will be really helpful if someone can take screenshot of working ldap plugin module configuration with Active Directory users bind!
P.S. Attached screenshot of the ldap module config and error I get.
Thanks in advance!
Attachments:
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13935
- Thank you received: 2551
7 years 1 month ago #148446
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic LDAP authentication AD Problem
Actual LDAP plugin are only compatible via Simple LDAP login for AD.
You can not choose user group or any other things without make your own plugin.
You can not choose user group or any other things without make your own plugin.
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- sherry721
- Topic Author
- Offline
- New Member
Less
More
- Posts: 10
- Thank you received: 0
7 years 1 month ago #148454
by sherry721
Replied by sherry721 on topic LDAP authentication AD Problem
Hi Denis,
Do you mean below setting is incorrect?
$ldap_queries[$query_id] = '(&(objectClass=user)(!(userAccountControl=514)))';
Do you mean below setting is incorrect?
$ldap_queries[$query_id] = '(&(objectClass=user)(!(userAccountControl=514)))';
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13935
- Thank you received: 2551
7 years 1 month ago #148455
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic LDAP authentication AD Problem
ldap.php is done only for ldap import token. You don't have to touch it : it's not linked with LDAP authentification plugin ...
See the big waring on our manual : manual.limesurvey.org/LDAP_settings
And you can not do what you want with included AuthLDAP plugin : manual.limesurvey.org/Authentication_plugins#LDAP
See the big waring on our manual : manual.limesurvey.org/LDAP_settings
And you can not do what you want with included AuthLDAP plugin : manual.limesurvey.org/Authentication_plugins#LDAP
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- sherry721
- Topic Author
- Offline
- New Member
Less
More
- Posts: 10
- Thank you received: 0
7 years 1 month ago #148502
by sherry721
Replied by sherry721 on topic LDAP authentication AD Problem
Hi Denis,
I refer those document before, but my situation is that "authentication with LDAP and sAMaccountName attribute" & enable "Automatically create user if it exists in LDAP server".
I found the document has one error. manual.limesurvey.org/Authentication_plugins#LDAP
The setting of "Attribute to compare to the given login can be uid, cn, mail, ..." should use "sAMAccountName" not "cn=: empty"
After I changed the setting to "sAMAccountName", I can successfully use "lastname.firstname" to login.
I refer those document before, but my situation is that "authentication with LDAP and sAMaccountName attribute" & enable "Automatically create user if it exists in LDAP server".
I found the document has one error. manual.limesurvey.org/Authentication_plugins#LDAP
The setting of "Attribute to compare to the given login can be uid, cn, mail, ..." should use "sAMAccountName" not "cn=: empty"
After I changed the setting to "sAMAccountName", I can successfully use "lastname.firstname" to login.
The topic has been locked.