Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

LDAP authentication AD Problem

  • sherry721
  • sherry721's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
7 years 1 month ago #148443 by sherry721
LDAP authentication AD Problem was created by sherry721
I'm trying to configure LimeSurvey Version 2.59.1+170116 to lookup in Active Directory via ldap and query users. (LimeSurvey server is Ubuntu 16.04, AD Server is Windows 2012 R2)

I tried all kind of configurations, including LdapSoftware to test quarry users. Currently I still can't configure the plug-in to be able to query windows users logon name from the domain via one of the Domain Controllers.

Also created AD users with rights to read over required users OU's and created same user with same password in Limesurvey, still can't query.

I'm attaching picture of my Ldap plugin configuration and the error I get. Tried all kind of configurations, even manual config of the ldap.php config.php files and still wasn't able to query. Any help will really appreciated!

Will be really helpful if someone can take screenshot of working ldap plugin module configuration with Active Directory users bind!

P.S. Attached screenshot of the ldap module config and error I get.

Thanks in advance!
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
7 years 1 month ago #148446 by DenisChenu
Replied by DenisChenu on topic LDAP authentication AD Problem
Actual LDAP plugin are only compatible via Simple LDAP login for AD.

You can not choose user group or any other things without make your own plugin.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • sherry721
  • sherry721's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
7 years 1 month ago #148454 by sherry721
Replied by sherry721 on topic LDAP authentication AD Problem
Hi Denis,

Do you mean below setting is incorrect?
$ldap_queries[$query_id] = '(&(objectClass=user)(!(userAccountControl=514)))';
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
7 years 1 month ago #148455 by DenisChenu
Replied by DenisChenu on topic LDAP authentication AD Problem
ldap.php is done only for ldap import token. You don't have to touch it : it's not linked with LDAP authentification plugin ...

See the big waring on our manual : manual.limesurvey.org/LDAP_settings

And you can not do what you want with included AuthLDAP plugin : manual.limesurvey.org/Authentication_plugins#LDAP

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • sherry721
  • sherry721's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
7 years 1 month ago #148502 by sherry721
Replied by sherry721 on topic LDAP authentication AD Problem
Hi Denis,

I refer those document before, but my situation is that "authentication with LDAP and sAMaccountName attribute" & enable "Automatically create user if it exists in LDAP server".

I found the document has one error. manual.limesurvey.org/Authentication_plugins#LDAP
The setting of "Attribute to compare to the given login can be uid, cn, mail, ..." should use "sAMAccountName" not "cn=: empty"

After I changed the setting to "sAMAccountName", I can successfully use "lastname.firstname" to login.
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose