We got it working a few days ago from info in this thread. We used nodn as well as the array of groups to map to levels. I can send what worked for us tomorrow.
-Graeme
On Wed, May 11, 2022 at 10:20 PM Valerie Lim via observium < observium@observium.org> wrote:
Hi
I am having issue authenticating the members in my group as the error message says that it is unable to get a match of a user in a particular group.
Here are some steps I’ve taken so far:
- Changing to *$config['auth_ldap_server'] = "server01.domain01.com
http://server01.domain01.com"; caused an error that LDAP server was unable to bind *thus that is why I am using IP address
- All my users are already a member of the group that I’ve specified &
the group is also in an OU I’ve specified in my config.php
So, why is Observium unable to get a match of the users even though the specifications are already there? Please advise.
Attached is my config.php configuration:
*// Authentication Model*
*$config['auth_mechanism'] = "ldap"; // default, other options: ldap, http-auth, please se>*
*$config['auth_ldap_binddn'] = "cn=Administrator,cn=Users,dc=domain01,dc=com";*
*$config['auth_ldap_bindpw'] = "xxxxxxxx";*
*$config['auth_ldap_attr']['uid'] = "sAMAccountName";*
*$config['auth_ldap_attr']['uidNumber'] = "objectSid";*
*$config['auth_ldap_attr']['cn'] = "name";*
*$config['auth_ldap_attr']['dn'] = "distinguishedName";*
*$config['auth_ldap_objectclass'] = "person";*
*$config['auth_ldap_version'] = 3;*
*$config['auth_ldap_server'] = "ldap://192.168.1.234 http://192.168.1.234";*
*$config['auth_ldap_port'] = 389;*
*$config['auth_ldap_starttls'] = TRUE;*
*$config['auth_ldap_bindanonymous'] = FALSE;*
*$config['auth_ldap_prefix'] = "CN=";*
*$config['auth_ldap_suffix'] = ",OU=MVC,DC=domain01,DC=com";*
*$config['auth_ldap_group'] = array("CN=gtgroup,OU=**MVC* *,DC=domain01,DC=com");*
*$config['auth_ldap_groupbase'] = "CN=gtgroup,OU=**MVC* *,DC=domain01,DC=com";*
*$config['auth_ldap_groupmembertype'] = "nodn";*
*$config['auth_ldap_groupmemberattr'] = "member";*
*unset($config['auth_ldap_groups']);*
*$config['auth_ldap_groups']['CN=gtgroup,OU=**MVC**,DC=domain01,DC=com']['level'] = 10;*
*$config['web_debug_unprivileged'] = TRUE;*
Error message I got when logging in:
My group & OU settings:
Best Regards
Valerie Lim _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
