LDAP with not default port makes trouble

Infos:

  • Used Zammad version: 2.9
  • Used Zammad installation source: (source, package, …) deb
  • Operating system: Ubuntu 16.04
  • Browser + version: latest Chrome

Expected behavior:

  • If I connect the LDAP with Port3268 it should also assign a group

Actual behavior:

  • I connect via the webinterface (Zammad)
  • Its possible to add the port to the hostname (example my.domain.at:3268)
  • I found all the information and assign it to a specific group
  • After starting the sync the assignment doesn’t apply (In the Info i see “0 to creat”)

Steps to reproduce the behavior:

  • Create a LDAP Integration
  • Add the port to the Hostname (:3268)
  • assign AD Groups to Zammad Groups
  • start

I have to use this port, because we have a subdomain in the AD Forrest. With this port its possible to retrieve the information from the subdomain. Its possible to assign an AD Group to a zammad group, so I think the connection still work. But after that Zammad let me know thats not necessary to create an user. If I add a user to the main domain the assignment works.

Do I understand correctly that if you configure an alternative port via webgui you get no errors inside UI nor logfile?
If the sync starts nothing happens/the sync just finishes without any error and updates? Does the logfile give a clue maybe?

Also quite important: Are we talking about ldap or ldapS ?

Hi MrGeneration

Yes you understand it :slight_smile: I’m not shure about looking the right log (production.log?) but there is no hint about that. My situation is that i have an AD Forrest

  • Domain.tld
    – sub.domin.tld

The port 3268 is an default port to search about more that the main domain. If i change something in the main Domain the sync works like a charm. But If i try to add some users from the sub.domain.tld its possible to assign the Global Group (AD) to a Zammad Group, but after syncing the sub.domain.tld assignment doesn’t work. The change in the main Domian was made by the sync job.

And I’m working with LDAP (not LDAPS)

thanks

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.