LDAP Issue - Unable to connect via LDAPS to OpenLDAP server #465

Open
K-J-VV opened this issue May 2, 2024 · 2 comments
K-J-VV commented May 2, 2024

Describe the bug
I'm unable to connect FileGator (docker container) to my LDAP server. The LDAP server is OpenLDAP and it is configured to only accept LDAPS connections over SSL/TLS. No issues connecting other services (KeyCloak, etc.) to the server, but cannot seem to figure out FileGator.

I've searched documentation/issues and see no mention of anyone else using LDAPS. Is this potentially the problem? I've tried specifying the port (636), but the same error still displays.

I'd very much appreciate the help, trying to have a web based file browser for family to use but need one that can let me manage users/logins via either LDAP or OIDC.

LDAP configuration.php

        'Filegator\Services\Auth\AuthInterface' => [
            'handler' => '\Filegator\Services\Auth\Adapters\LDAP',
            'config' => [
                    'private_repos' => false,
                    'ldap_server'=>'ldaps://openldap.example.com',
                    //'ldap_server'=>'ldaps://openldap.example.com:636',
                    'ldap_bindDN'=>'cn=admin,dc=example,dc=com',
                    'ldap_bindPass'=>'SoMePa5sWoRd',
                    'ldap_baseDN'=>'dc=example,dc=com',
                    'ldap_filter'=>'(&(uid=*)(objectCategory=inetOrgPerson)(objectCategory=person)(objectClass=posixAccount))',
                    'ldap_attributes' => ["uidNumber"],
                    'ldap_userFieldMapping'=> [
                        'username' =>'uid',
                        'username_AddDomain' =>'@example.com',
                        'username_RemoveDomains' =>['@department1.example.com', '@department2.example.com'],
                        'name' =>'cn',
                        'userDN' =>'dn',
                        'default_permissions' => 'read|write|upload|download|batchdownload|zip',
                        'admin_usernames' =>['admin', 'user1'],
                    ],
            ],
        ],

Error displayed when viewing at filegator.example.com
    Fatal error: Uncaught Exception: Cannot Bind to LDAP server: Wrong credentials? in /var/www/filegator/backend/Services/Auth/Adapters/LDAP.php:184
    Stack trace:
    #0 /var/www/filegator/backend/Services/Auth/Adapters/LDAP.php(129): Filegator\Services\Auth\Adapters\LDAP->getUsers()
    #1 /var/www/filegator/backend/Services/Auth/Adapters/LDAP.php(140): Filegator\Services\Auth\Adapters\LDAP->find('guest')
    #2 /var/www/filegator/backend/Services/Router/Router.php(33): Filegator\Services\Auth\Adapters\LDAP->getGuest()
    #3 /var/www/filegator/vendor/php-di/php-di/src/Definition/Resolver/ObjectCreator.php(143): Filegator\Services\Router\Router->__construct(Object(Filegator\Kernel\Request), Object(Filegator\Services\Auth\Adapters\LDAP), Object(Filegator\Container\Container))
    #4 /var/www/filegator/vendor/php-di/php-di/src/Definition/Resolver/ObjectCreator.php(71): DI\Definition\Resolver\ObjectCreator->createInstance(Object(DI\Definition\ObjectDefinition), Array)
    #5 /var/www/filegator/vendor/php-di/php-di/src/Definition/Resolver/ResolverDispatcher.php(71): DI\Definition\Resolver\ObjectCreator->resolve(Object(DI\Definition\ObjectDefinition), Array)
    #6 /var/www/filegator/vendor/php-di/php-di/src/Container.php(390): DI\Definition\Resolver\ResolverDispatcher->resolve(Object(DI\Definition\ObjectDefinition), Array)
    #7 /var/www/filegator/vendor/php-di/php-di/src/Container.php(139): DI\Container->resolveDefinition(Object(DI\Definition\ObjectDefinition))
    #8 /var/www/filegator/backend/App.php(32): DI\Container->get('\\Filegator\\Serv...')
    #9 /var/www/filegator/dist/index.php(50): Filegator\App->__construct(Object(Filegator\Config\Config), Object(Filegator\Kernel\Request), Object(Filegator\Kernel\Response), Object(Filegator\Kernel\StreamedResponse), Object(Filegator\Container\Container))
    #10 {main}
      thrown in /var/www/filegator/backend/Services/Auth/Adapters/LDAP.php on line 184

@ardacetin

Check your LDAP information and LDAP path.

Cannot Bind to LDAP server: Wrong credentials

K-J-VV commented May 14, 2024

@ardacetin I've tried dozens of different paths/bindings, cannot get this to work for FileGator. I have several other containers connected via LDAP no problem.

Any chance you would be able to provide an example config that is working with OpenLDAP? I'm using the container made by osixia.

Would anyone be able to confirm a working instance of LDAPS via port 636? I'm partly convinced the issue is I see no documentation/reference to specifying ldaps:// vs ldap:// or ports 389 vs 636. So likely however LDAP connection is set up simply defaults to ldap:// and port 389.
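
An added example, not part of the thread above and not FileGator's adapter code: a standalone probe using PHP's ldap extension that reports whether an LDAPS bind failed at the transport/TLS layer or at the credential check. The URI and bind DN are the placeholders from the posted config; the `LDAP_BIND_PASS` environment variable and the CA bundle path are assumptions.

```php
<?php
// Added diagnostic, not FileGator code. Run inside the container that makes
// the LDAP connection so the same CA store and DNS are in effect.
declare(strict_types=1);

/** Map an ldap_errno() value to the layer that failed. */
function classifyBindResult(int $errno, string $diag): string
{
    switch ($errno) {
        case 0:
            return 'bind OK';
        case -1: // LDAP_SERVER_DOWN: DNS, TCP or TLS handshake/certificate failure
            return "transport/TLS failure, credentials were never checked: $diag";
        case 49: // LDAP_INVALID_CREDENTIALS: server was reached, bind rejected
            return "server rejected the bind DN or password: $diag";
        default:
            return "LDAP error $errno (" . ldap_err2str($errno) . "): $diag";
    }
}

function probeLdaps(string $uri, string $bindDn, string $bindPass, ?string $caFile = null): string
{
    if ($bindPass === '') {
        // A DN with an empty password is an unauthenticated bind and may "succeed".
        return 'empty password: refusing to test an unauthenticated bind';
    }
    // TLS options are set globally (null handle) before the connection exists.
    if ($caFile !== null) {
        ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
    }
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    $conn = ldap_connect($uri); // only parses the URI; no network I/O yet
    if ($conn === false) {
        return "invalid LDAP URI: $uri";
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);

    @ldap_bind($conn, $bindDn, $bindPass); // first real connection attempt
    $diag = '';
    ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $diag);
    return classifyBindResult(ldap_errno($conn), (string) $diag);
}

if (PHP_SAPI === 'cli') { // placeholders from the posted config; CA path is assumed
    echo probeLdaps('ldaps://openldap.example.com:636', 'cn=admin,dc=example,dc=com',
        getenv('LDAP_BIND_PASS') ?: '', '/etc/ssl/certs/ca-certificates.crt'), PHP_EOL;
}
```

A result of -1 points at name resolution, the port, or certificate trust (for example a private CA that the container does not trust), while 49 means the TLS session was established and the directory refused the DN or password.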
