LDAP Unable to retrive user information, please check your bind user permissions

Technical assistance
1

Hi there,

i tried to enable LDAP, but zamamd can’t retrive user information.

The LDAP seach base should be
ou=Users,o=598cf0529a827c0769dc8a71,dc=jumpcloud,dc=com

and

LDAP search filter
(&(objectClass=inetOrgPerson)(uid=?))

Is this possible? May this caused this error?

Log says:

I, [2018-04-10T16:03:16.408283 #30561]  INFO -- :   Parameters: {"base_dn"=>"dc=jumpcloud,dc=com", "bind_user"=>"uid=ldapservice,ou=Users,o=598cf0529a827c0769dc8a71,dc=jumpcloud,dc=com", "bind_pw"=>"[FILTERED]", "host_url"=>"ldaps://ldap.jumpcloud.com:636", "ssl_verify"=>true}
I, [2018-04-10T16:03:18.137001 #30561]  INFO -- : Completed 200 OK in 1729ms (Views: 0.5ms | ActiveRecord: 3.1ms)
I, [2018-04-10T16:03:18.209853 #30583]  INFO -- : Started job thread for 'Check Channels' (Channel.fetch)...
I, [2018-04-10T16:03:18.219447 #30583]  INFO -- : execute Channel.fetch (try_count 0)...
I, [2018-04-10T16:03:20.427574 #30561]  INFO -- : Started GET "/api/v1/integration/ldap/job_start?_=1523368971992" for 84.187.133.123 at 2018-04-10 16:03:20 +0200
I, [2018-04-10T16:03:20.434042 #30561]  INFO -- : Processing by Integration::LdapController#job_start_index as JSON
I, [2018-04-10T16:03:20.434148 #30561]  INFO -- :   Parameters: {"_"=>"1523368971992"}
I, [2018-04-10T16:03:20.450299 #30561]  INFO -- : Completed 200 OK in 16ms (Views: 0.4ms | ActiveRecord: 3.7ms)
I, [2018-04-10T16:03:21.898241 #30561]  INFO -- : Completed 200 OK in 25028ms (Views: 0.3ms | ActiveRecord: 2.0ms)
I, [2018-04-10T16:03:21.938962 #30561]  INFO -- : Started POST "/api/v1/message_receive" for 84.187.133.123 at 2018-04-10 16:03:21 +0200
I, [2018-04-10T16:03:21.946069 #30561]  INFO -- : Processing by LongPollingController#message_receive as JSON
I, [2018-04-10T16:03:21.946216 #30561]  INFO -- :   Parameters: {"client_id"=>"8241268147"}
I, [2018-04-10T16:03:25.549084 #30561]  INFO -- : Started GET "/api/v1/integration/ldap/job_start?_=1523368971993" for 84.187.133.123 at 2018-04-10 16:03:25 +0200
I, [2018-04-10T16:03:25.558574 #30561]  INFO -- : Processing by Integration::LdapController#job_start_index as JSON
I, [2018-04-10T16:03:25.558718 #30561]  INFO -- :   Parameters: {"_"=>"1523368971993"}
I, [2018-04-10T16:03:25.583714 #30561]  INFO -- : Completed 200 OK in 25ms (Views: 0.8ms | ActiveRecord: 5.0ms)

Thanks!

2

Hi @phanpatrik - I can’t see any error. What’s the error you get?

3

Hi @thorsteneckel

That’s the question. There’s no shown error in log. Just the output while set up ldap connection. So I also can’t reproduce this error.

On other applications like Apache LDAP Auth or Wordpress it works fine.

4

What is the output you are writing about?

5

Sorry! :slightly_smiling_face:

It’s Unable to retrive user information, please check your bind user permissions from title.

6

I think your filter is not (yet) supported. Please try adding it in this list (at a leading position):

Restart your Zammad application and retry. :crossed_fingers:

7

What’s the correct syntax for (&(objectClass=inetOrgPerson)(uid=?)) ? I tried to add

'(&(objectClass=inetOrgPerson)(uid=?))' to the line, but Zammad calls, that my search filter is wrong.

8

Maybe this information can provide more for my problem:

https://support.jumpcloud.com/customer/en/portal/articles/2439978-filtering-by-user-or-group-in-ldap-search-filters-

9

I think this is actually an issue. Could you please combine the information from this topic and migrate it over to an Issue on Github? Thanks! We come back to you for testing our changes when we have the time.

1 Like
10

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.