I'm running into a problem using LDAP to authenticate logins.
I already created a user with all basic info and tried to log in through phpldapadmin with these details:
Login DN: cn=Sample User,ou=people,dc=example,dc=om
Password: xxxx
then it can log in.
But when I try to use this:
Login DN: uid=sampleuser,ou=people,dc=example,dc=om
Password: xxxx
it never works (cannot log in).
Please tell me what I should configure.
LDAP v3 supports three types of authentication: anonymous, simple and SASL authentication.
The administrator bind DN is the user name and password configured for LDAP authentication. The administrator bind DN is used only for querying the directory server and so this user must have privileges to search the directory.
When configuring the LDAP server profile, you need to know the Bind_DN and password on your Active Directory server. Log in to the firewall GUI: Device > Server Profiles > LDAP > Bind-DN and paste the same.
UidNumber (the UID or UserId) is a number assigned by Linux and UNIX to each user on the system. This number is used to identify the user to the system and to determine which system resources the user can access. UidNumber is the AttributeType used in LDAP for storing the number.
If the LDAP client is using a simple BIND operation, then the BIND DN must exist. The simple BIND operation takes as arguments at least the DN and a password.
Consider the following entries:
dn: cn=sample user,ou=people,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
cn: sample user
uid: sampleuser
is not the same entry as:
dn: uid=sampleuser,ou=people,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
cn: sample user
uid: sampleuser
even though the attributes are identical (the SN, which is required by inetOrgPerson, is omitted in this example). The DN is the primary key and must be used with the simple BIND operation. The entries given above are two completely separate entries with two different DNs.
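The DN mismatch described above, as an added example that is not part of the original answer: a small in-memory stand-in for a directory (the Directory class, the simplified DN normalization and the password are constructed for illustration, not a real LDAP client API). It shows that a simple bind only succeeds with the entry's real DN, and how a search-then-bind lookup lets the user log in by uid.

```python
import hmac

def normalize_dn(dn):
    """Simplified DN matching: case-insensitive, extra spaces ignored.
    Does not handle escaped commas or multi-valued RDNs."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), " ".join(value.split()).lower()))
    return tuple(rdns)

class Directory:
    def __init__(self):
        self.entries = {}  # normalized DN -> (original DN, attributes)

    def add(self, dn, attrs):
        self.entries[normalize_dn(dn)] = (dn, attrs)

    def simple_bind(self, dn, password):
        """Succeeds only if an entry exists at this DN and the password matches."""
        entry = self.entries.get(normalize_dn(dn))
        if entry is None or not password:  # empty password must never authenticate
            return False
        stored = entry[1].get("userPassword", "")
        return hmac.compare_digest(stored.encode(), password.encode())

    def search(self, base, attr, value):
        """Return the DNs under base whose attribute equals value."""
        base_n = normalize_dn(base)
        return [orig for key, (orig, attrs) in self.entries.items()
                if key[-len(base_n):] == base_n
                and attrs.get(attr, "").lower() == value.lower()]

def login_by_uid(directory, base, uid, password):
    """Search-then-bind: resolve uid to the entry's real DN, then bind with it."""
    matches = directory.search(base, "uid", uid)
    if len(matches) != 1:  # no entry, or ambiguous uid: refuse
        return None
    return matches[0] if directory.simple_bind(matches[0], password) else None

def demo():
    d = Directory()
    # Constructed entry; a real server stores a password hash, not plaintext.
    d.add("cn=Sample User,ou=people,dc=example,dc=com",
          {"cn": "Sample User", "uid": "sampleuser",
           "userPassword": "s3cret-constructed"})
    return d
```
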
I know it's a bit outdated, but I was facing the same problem. The thing is, as Terry described, that the full DNs are different. You can fix this by forcing phpldapadmin to create users with uid as the first key in the DN.
You can change
<rdn>cn</rdn>
to
<rdn>uid</rdn>
in file
/etc/phpldapadmin/templates/creation/posixAccount.xml
That will create every posixAccount as:
dn: uid=sampleuser,ou=people,dc=example,dc=com