- Posts: 26
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
LDAPAuth configuration problem
- lob
- Topic Author
- Offline
- Junior Member
Less
More
6 years 3 months ago - 6 years 3 months ago #160807
by lob
LDAPAuth configuration problem was created by lob
Hello,
I'm trying to configure the settings for my AD authentication. LDAP is activated using PHP 7.1 and IIS.
But I don't get access with LDAP to LimeSurvey.
Using a user that is not in internal db yet returns:
"Incorrect username and/or password!"
Using a user thats username is in internal db already returns:
"Can't contact LDAP server"
This is what my configuration looks like:
Setting for plugin: AuthLDAP
LDAP server: ldap://server1.de.com
Port number: 389
LDAP version: LDAPv2
Select how to perform authentication: Simple bind
Username prefix: cn=Admin,cn=Users,dc=de,dc=com
Username suffix: cn=Users,dc=de,dc=com
Allow initial user to login via LDAP --> checked
But it's still not possible to login with accounts from AD.
I've found a thread that described it is necessary to create that specific user you want to login with in LimeSurvey data base to get access with LDAP authentication method?? ( www.limesurvey.org/forum/plugins/95966-s...?limitstart=0#109970 )
I'm trying to configure the settings for my AD authentication. LDAP is activated using PHP 7.1 and IIS.
But I don't get access with LDAP to LimeSurvey.
Using a user that is not in internal db yet returns:
"Incorrect username and/or password!"
Using a user thats username is in internal db already returns:
"Can't contact LDAP server"
This is what my configuration looks like:
Code:
$serverId=0; $ldap_server[$serverId]['server'] = "ldap://server1.de.com"; $ldap_server[$serverId]['port'] = "389"; $ldap_server[$serverId]['protoversion'] = "ldapv2"; $ldap_server[$serverId]['encrypt'] = "ldaps"; $ldap_server[$serverId]['referrals'] = false; $ldap_server[$serverId]['binddn'] = "cn=Admin,cn=Users,dc=de,dc=com"; $ldap_server[$serverId]['bindpw'] = "xxx"; $query_id=0; $ldap_queries[$query_id]['ldapServerId'] = 0; $ldap_queries[$query_id]['name'] = 'Staff with an enabled account'; $ldap_queries[$query_id]['userbase'] = 'cn=Users,dc=de,dc=com'; $ldap_queries[$query_id]['userscope'] = 'sub'; $ldap_queries[$query_id]['firstname_attr'] = 'givenname'; $ldap_queries[$query_id]['lastname_attr'] = 'sn'; $ldap_queries[$query_id]['email_attr'] = 'mail'; $ldap_queries[$query_id]['token_attr'] = ''; // Leave empty for Auto Token generation bu phpsv $ldap_queries[$query_id]['language'] = ''; $ldap_queries[$query_id]['attr1'] = ''; $ldap_queries[$query_id]['attr2'] = '';
Setting for plugin: AuthLDAP
LDAP server: ldap://server1.de.com
Port number: 389
LDAP version: LDAPv2
Select how to perform authentication: Simple bind
Username prefix: cn=Admin,cn=Users,dc=de,dc=com
Username suffix: cn=Users,dc=de,dc=com
Allow initial user to login via LDAP --> checked
But it's still not possible to login with accounts from AD.
I've found a thread that described it is necessary to create that specific user you want to login with in LimeSurvey data base to get access with LDAP authentication method?? ( www.limesurvey.org/forum/plugins/95966-s...?limitstart=0#109970 )
Last edit: 6 years 3 months ago by lob.
The topic has been locked.
- lob
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 26
- Thank you received: 0
6 years 3 months ago - 6 years 3 months ago #160919
by lob
Replied by lob on topic LDAPAuth configuration problem
Anyone who can help me?
This is what I found here: manual.limesurvey.org/LDAP_settings#What..._Active_Directory.3F
$ldap_server[$serverId] = "domain\\user";
//$ldap_server[$serverId] = "CN=user,OU=user_group,DC=xxx,DC=yyy"; this one will not work with active directory, that´s why you need to use "domain\\user"
What would be a example with CN=user,OU=user_group,DC=xxx,DC=yyy according to to the first line?
This is what I found here: manual.limesurvey.org/LDAP_settings#What..._Active_Directory.3F
$ldap_server[$serverId] = "domain\\user";
//$ldap_server[$serverId] = "CN=user,OU=user_group,DC=xxx,DC=yyy"; this one will not work with active directory, that´s why you need to use "domain\\user"
What would be a example with CN=user,OU=user_group,DC=xxx,DC=yyy according to to the first line?
Last edit: 6 years 3 months ago by lob.
The topic has been locked.