Can anyone provide an Active Directory How-to with examples ?

[JBBERLIN]

Hello,

I try to connect my AD with Wekan but without success.
I have connect many systems like Joomla, DokuWiki etc. but Wekan no way..

CentOS 7, SNAP lastest Version of Wekan.

So can anyone provide an useful HowTo with examples ?

Many thanks.

[xet7]

There is Azure AD docs for OIDC:
https://github.com/wekan/wekan/wiki/Azure

But I don't know is there for LDAP yet.

Anyway, if your AD supports OIDC, it's easier to configure it, because there is less settings.

[JBBERLIN]

Yes I read this wiki doc too, but I have a simple AD.
For the test I setup a internal test domain but no luck with user login or sync(I first try login only)

Active Directory Domain: ad.mydomian.com (DC=ad,DC=mydomain,DC=com)
NETBIOS DOMAIN: MYDOMAIN
DC1: 192.168.0.1
DC2: 192.168.0.2

All service account (with the domain bind account) are in OU=SERVICE,DC=ad,DC=mydomain,DC=com
All user are in OU=USROU,DC=ad,DC=mydomain,DC=com
The bind user: CN=bindadmin,OU=SERVICE,DC=ad,DC=mydomain,DC=com

No groups or else, and the binduser is a copy of the standard Administrator account.

Very simple AD LDAP for finding the bug, but no chance.

Here the log:
Apr 2 17:50:25 todo wekan.wekan: [INFO] LDAP connected
Apr 2 17:50:25 todo wekan.wekan: [INFO] Binding UserDN "CN=bindadmin,OU=SERVICE,DC=ad,DC=mydomain,DC=com"
Apr 2 17:50:25 todo wekan.wekan: [INFO] Searching user "user1"
Apr 2 17:50:25 todo wekan.wekan: [DEBUG] searchOptions {
Apr 2 17:50:25 todo wekan.wekan: "filter": "(&(sAMAccountName=[username])(sAMAccountName=user1))",
Apr 2 17:50:25 todo wekan.wekan: "scope": "sub",
Apr 2 17:50:25 todo wekan.wekan: "sizeLimit": 0
Apr 2 17:50:25 todo wekan.wekan: }
Apr 2 17:50:25 todo wekan.wekan: [DEBUG] BaseDN "dc=ad,dc=mydomain,dc=com"
Apr 2 17:50:25 todo wekan.wekan: [INFO] Search result count
Apr 2 17:50:25 todo wekan.wekan: [INFO] Search returned
Apr 2 17:50:25 todo wekan.wekan: [ERROR] Error: User not Found
Apr 2 17:50:25 todo wekan.wekan: [INFO] Fallback to default account system: {
Apr 2 17:50:25 todo wekan.wekan: "username": "user1"
Apr 2 17:50:25 todo wekan.wekan: }
Apr 2 17:50:25 todo wekan.wekan: [DEBUG] Fallback options: {
Apr 2 17:50:25 todo wekan.wekan: "user": {
Apr 2 17:50:25 todo wekan.wekan: "username": "user1"
Apr 2 17:50:25 todo wekan.wekan: },
Apr 2 17:50:25 todo wekan.wekan: "password": {
Apr 2 17:50:25 todo wekan.wekan: "digest": "3b32991d2f1b72a900e9e29e3a705e0d73668eedd93f542d5737889303a60682",
Apr 2 17:50:25 todo wekan.wekan: "algorithm": "sha-256"
Apr 2 17:50:25 todo wekan.wekan: }
'

[nerminator]

Did you solve your problem? I have similar problems during Wekan LDAP configuration and using an LDAP browser ( softtera or other LDAP browser) helped me to solve my problem. Are you sure that your users exist under OU=SERVICE ? In my case it was OU=User. But it changes according to your setup so that is why you need to look at your own LDAP structure with browser.
After that, you have to tell Wekan which field in your LDAP can Wekan use as username , which field for the search field etc.