Hi All,


I tried to make observium AD log in working during a few hours without any success, so I ask here for help^^


I took the ad example conf and edited some values.


I used same kind of conf in antoher apache vhost, and it works fine.


I also tried to find a good debug mode to help me with that, but nothing Is in the logs.

I tried "url/debug", "url/debug=yes", I can only see "CACHE DISABLED. Disabled in config", but I don't see any message about failed authentication (after I entered my credentials, nothing happens, I come back to log in page)


I also tried what is in this page (https://docs.observium.org/config_options/#debugging-profiling-settings), but nothing happens in any log file.


how can I enabled debug mode to help me with this authentication issue?


In my win2k8 AD, the directory tree is as follow:


Administrative (at the root) --> "Domain users" (where all the "human" users are)

                                          --> "Groups" (where all the groups are)

                                          --> "ServiceAccounts" (where the binddn user is)


Here is the conf I have :


$config['auth_mechanism'] = "ldap";


$config['auth_ldap_binddn'] = "cn=DNrequest,ou=ServiceAccounts,ou=Administrative,dc=example,dc=com";

$config['auth_ldap_bindpw'] = "password";


$config['auth_ldap_attr']['uid'] = "sAMAccountName";

$config['auth_ldap_attr']['uidNumber'] = "objectSid";

$config['auth_ldap_attr']['cn'] = "name";

$config['auth_ldap_attr']['dn'] = "distinguishedname";

$config['auth_ldap_objectclass'] = "person";


$config['auth_ldap_version'] = 3;

$config['auth_ldap_server'] = "example.com";

$config['auth_ldap_port']   = 389;

$config['auth_ldap_starttls'] = FALSE;


$config['auth_ldap_prefix'] = "CN=";

$config['auth_ldap_suffix'] = ",OU=Domain users,OU=Administrative,DC=example,DC=com";

$config['auth_ldap_group']  = array("CN=NE.Access,OU=Groups,OU=Administrative,DC=example,DC=com");

$config['auth_ldap_groupbase'] = "OU=Groups,OU=Administrative,DC=example,DC=com";


$config['auth_ldap_groupmembertype'] = "fulldn";

$config['auth_ldap_groupmemberattr'] = "member";


unset($config['auth_ldap_groups']);

$config['auth_ldap_groups']['CN=NE.Access,OU=Groups,OU=Administrative,DC=example,DC=com']['level'] = 10;



Thanks a lot in advance for you help!



Vincent Kwiatkowski
Operations&Infrastructure - System Team • Itiviti
Production System Engineer

Direct: +33 1 44 50 25 45
vincent.kwiatkowski@itiviti.com

21 Boulevard Haussmann
75009 Paris, France
Phone: +33 1 49 95 30 00


Visit: itiviti.com / ullink.com »
Read the latest news from Itiviti »

The information contained in or attached to this email is strictly confidential. If you are not the intended recipient, please notify us immediately by telephone and return the message to us.


Email communications by definition contain personal information. The ITIVITI group of companies (of which ULLINK forms part) is subject to European data protection regulations. ULLINK’s Privacy Policy is available at www.ullink.com. ULLINK expects the recipient of this email to be compliant with ULLINK’s Privacy Policy and applicable regulations. Please advise us immediately at dataprotection@ullink.com if you are not compliant with these.