
Hello Joget!  My LDAP plugin seems to be having some issues.  I've read up on some other users' comments and the problems seem to be similar, but I just can't see where mine is going wrong.

It's doing the whole 'locking me out' thing that others seem to get, so I have my second browser open for testing logins while staying logged in with the other.  As far as I can tell the problem seems to be that it tries to log in (to LDAP) with my currently logged in user, instead of the user I provide in the config.

So I give it the following credentials for the LDAP, this is taken from the wf_setup table:

LDAP config
{
    "url": "ldap://ad.dneg.com:389",
    "username": "CN=joget,CN=Users,DC=ad,DC=dneg,DC=com",
    "password": "HASHEDPASSWORDSTRING",
    "rootDN": "dc=ad,dc=dneg,dc=com",
    "userBaseDN": "ou=People,dc=ad,dc=dneg,dc=com",
    "userImportSearchFilter": "(objectClass=person)",
    "user-attr-username": "name",
    "user-attr-firstName": "givenName",
    "user-attr-lastName": "sn",
    "user-attr-email": "mail",
    "user-attr-active": "",
    "user-attr-timeZone": "",
    "user-attr-employeeCode": "",
    "user-attr-role": "",
    "user-attr-reportTo": "",
    "user-attr-mappedToReportToAttr": "distinguishedName",
    "user-attr-groups": "memberOf",
    "user-attr-mappedToGroupAttr": "distinguishedName",
    "user-attr-departments": "",
    "user-attr-mappedToDepartmentAttr": "distinguishedName",
    "user-attr-grade": "",
    "user-attr-mappedToGradeAttr": "distinguishedName",
    "groupBaseDN": "ou=Groups,dc=ad,dc=dneg,dc=com",
    "groupImportSearchFilter": "(objectClass=group)",
    "group-attr-id": "cn",
    "group-attr-name": "description",
    "group-attr-description": "description",
    "group-attr-users": "member",
    "group-attr-mappedToUserAttr": "distinguishedName",
    "departmentBaseDN": "",
    "departmentImportSearchFilter": "",
    "department-attr-id": "cn",
    "department-attr-name": "description",
    "department-attr-description": "description",
    "department-attr-hod": "",
    "department-attr-users": "member",
    "department-attr-mappedToUserAttr": "distinguishedName",
    "gradeBaseDN": "",
    "gradeImportSearchFilter": "",
    "grade-attr-id": "cn",
    "grade-attr-name": "description",
    "grade-attr-description": "description",
    "grade-attr-users": "member",
    "grade-attr-mappedToUserAttr": "distinguishedName",
    "roleAdminBaseDN": "cn=tech,ou=groups,dc=ad,dc=dneg,dc=com",
    "roleAdminImportSearchFilter": "objectClass=group",
    "roleAdmin-attr-users": "member",
    "roleAdmin-attr-mappedToUserAttr": "distinguishedName",
    "resultSize": "100",
    "debugMode": "yes"
}

So with this, I expect it to try and connect with the user 'joget', which is a valid user in our LDAP system, but in the logs you see it trying to connect with a user called 'admin', and at this time I am obviously logged in with the 'admin, pw:admin' user.  I've attached the error message I get from the logs at the point of hitting 'submit' on the LDAP plugin; also in that log file is the error that occurs when I try and log in with my actual LDAP login after I've loaded the LDAP plugin.

Any suggestions would be fantastic, and if you need any more information from me then don't hesitate to ask.

Thanks

Matt
