Hi Maxim, 1) you can login with ldap_admin_dn and ldap_passwd --> yes While you logged in as ldap_admin_dn 2) try to search with base ldap_search_base and query ldap_search_query NOTE you need to request `%s` in ldap_search_query with login entered by user --> no result for the attribute „uid“! As I wrote in my own mail, this field is empty here. If I search for „sn“ instead of „uid“, I can find users.
It seems to me, that the problem is, that the field uid is always empty here. I tried to change ist to sAMAccountName, which is the unique login-name of our users, so I configured: ldap_search_query=(sAMAccountName=%s) ldap_userdn_format=sAMAccountName=%s,OU=Users,DC=rhrlp,DC=intern [which is probably wrong, but hopefully not used, since I use SEARCHANDBIND] ldap_user_attr_login=sAMAccountName But that’s not working either. Best regards and thank you very much for all your work, Alex Von: Maxim Solodovnik <[email protected]> Gesendet: Dienstag, 5. Mai 2020 16:27 An: Openmeetings user-list <[email protected]> Betreff: Re: Integration problems with Active Directory Hello Osvaldo, grab you favorite LDAp explorer and check: 1) you can login with ldap_admin_dn and ldap_passwd IF login successful While you logged in as ldap_admin_dn 2) try to search with base ldap_search_base and query ldap_search_query NOTE you need to request `%s` in ldap_search_query with login entered by user If all was successful AND your search returning exactly 1 result get back here with results :) On Tue, 5 May 2020 at 21:05, Osvaldo OBA. Benítez Aliaga <[email protected]<mailto:[email protected]>> wrote: Already SIMPLEBIND by SEARCHANDBIND but it keeps giving me the same error. El 4/5/2020 a las 22:57, Maxim Solodovnik escribió: Hello Osvaldo, since your users doesn't "fit" into single LDAP DN pattern SIMPLEBIND should be replaced with SEARCHANDBIND In this case your users will be searched using search-base and search-query, then authenticated ... On Tue, 5 May 2020 at 01:16, Osvaldo OBA. Benítez Aliaga <[email protected]<mailto:[email protected]>> wrote: yes. I have managed to authenticate well with the user that declared (support) and authenticate well with the users that are in the same organizational unit (CN). Now the problem is with users who are in other organizational units. For example, those in the Domain Users OU El 4/5/2020 a las 12:09, Maxim Solodovnik escribió: > Have you tested it with LDAP explorer as I suggest? -- Best regards, Maxim -- Best regards, Maxim
