View Issue Details

IDProjectCategoryView StatusLast Update
0028344mantisbtldappublic2021-05-12 09:34
Reporterfranceschinl Assigned Todregad  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionno change required 
Summary0028344: LDAP Error
Description

Hello i try to configure LDAP but i have this error (from log)

2021-04-26 15:43 CEST LDAP ldap_api.php:376 ldap_authenticate_by_username() Binding to LDAP server
2021-04-26 15:43 CEST LDAP ldap_api.php:67 ldap_connect_bind() Checking syntax of LDAP server URI 'ldap://10.0.0.24:389/'.
2021-04-26 15:43 CEST LDAP ldap_api.php:76 ldap_connect_bind() LDAP server URI syntax check succeeded
2021-04-26 15:43 CEST LDAP ldap_api.php:89 ldap_connect_bind() Setting LDAP protocol version to 3
2021-04-26 15:43 CEST LDAP ldap_api.php:107 ldap_connect_bind() Attempting to set minimum TLS protocol
2021-04-26 15:43 CEST LDAP ldap_api.php:146 ldap_connect_bind() Attempting anonymous bind to ldap server
2021-04-26 15:43 CEST LDAP ldap_api.php:155 ldap_connect_bind() Bind to ldap server successful
2021-04-26 15:43 CEST LDAP ldap_api.php:380 ldap_authenticate_by_username() Searching for (&(uid=administrator))

WHY?

Thanks

TagsNo tags attached.

Activities

dregad

dregad

2021-04-27 02:33

developer   ~0065433

I don't see any errors here, just a normal log trace...

franceschinl

franceschinl

2021-04-27 02:49

reporter   ~0065434

Hello,
the error is that if I am connected with a user other than Administrator (eg my LDAP user "userxxx") when I try to make the connection, as you can see in the log, he always looks for uid = administrator.
I also tried changing the following settings:
$g_ldap_uid_field = 'uid' -> $g_ldap_uid_field = 'sAMAccountName';

Only valid solution is insert in $g_ldap_bind_dn and $g_ldap_bind_passwd the admin LDAP password but is most risk.

Do you have solution?

dregad

dregad

2021-04-27 04:42

developer   ~0065439

You can simply ignore this, it is not an error but a normal safety check.

If you have a valid, active administrator user in your system, then MantisBT verifies at login time that the user's password is not the default root (https://github.com/mantisbt/mantisbt/blob/release-2.25.0/login_page.php#L147).

To avoid the check, you can either rename or disable the administrator account in MantisBT.

franceschinl

franceschinl

2021-04-27 06:01

reporter   ~0065443

You have use SampleAuth plugin? is possible Send Current username to this plugin?

dregad

dregad

2021-04-27 09:59

developer   ~0065446

I am not sure why you mention SampleAuth plugin... I'm not using that or any other auth plugins at all here, just plain Mantis authentication.