Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP Groups are not working #88

Open
ledufakademy opened this issue Jan 21, 2021 · 6 comments
Open

LDAP Groups are not working #88

ledufakademy opened this issue Jan 21, 2021 · 6 comments

Comments

@ledufakademy
Copy link

i try everything with conf. but i can't achieve to only allow login/access for users that are member of a dedicated active directory group.
Is it a bug ?
i try group filter , search user filter ... nothing is working with wekan.
Does someone as a working conf ? (i'm using snap install on debian 10)
@xet7
Copy link
Member

xet7 commented Jan 21, 2021

Is this related to wekan/wekan@1a049e4#commitcomment-46120981 or #86 ?

@Sancretor what do you think?

@Sancretor
Copy link

@xet7 Could be... or a missing piece of configuration.

@ledufakademy You should have a look at your Wekan & OpenLdap logs to see if it matches the issue linked above.
Otherwise, could you share your LDAP configuration for Wekan please ?

@xet7
Copy link
Member

xet7 commented Jan 21, 2021

LDAP examples are at https://github.com/wekan/wekan/wiki/LDAP

@ledufakademy
Copy link
Author

ledufakademy commented Jan 22, 2021
edited

Here is the conf (snap get wekan , and where can i see the conf file instead of that ?) :

Note : as you can see group admin or filtering is disable , because not working ...
Wekan is bind to Active Directory.

board-default-language FR
default-authentication-method ldap
ldap-authentication true
ldap-authentication-password PassW0rd
ldap-authentication-userdn CN=BindWekan,DC=exemple,DC=com
ldap-background-sync false
ldap-background-sync-import-new-users false
ldap-background-sync-interval every 5 minute
ldap-background-sync-keep-existant-users-updated false
ldap-basedn DC=exemple,DC=com
ldap-connect-timeout 10000
ldap-default-domain mail.exemple.com
ldap-enable true
ldap-encryption false
ldap-fullname-field cn
ldap-group-filter-enable false
ldap-group-filter-group-member-format dn
ldap-group-filter-group-name GRP_WEKAN_USERS
ldap-group-filter-id-attribute cn
ldap-group-filter-member-attribute member
ldap-group-filter-objectclass group
ldap-host 10.xx.yy.zz
ldap-idle-timeout 10000
ldap-log-enabled true
ldap-login-fallback false
ldap-port 389
ldap-reconnect true
ldap-search-page-size 0
ldap-search-size-limit 0
ldap-sync-admin-groups GRP_WEKAN_ADMINS
ldap-sync-admin-status false
ldap-sync-user-data true
ldap-timeout 10000
ldap-unique-identifier-field sAMAccountName
ldap-user-search-field sAMAccountName
ldap-user-search-filter (&(objectClass=user)(memberOf=CN=GRP_WEKAN-USERS,OU=Applicatifs,OU=Groupes,DC=exemple,DC=com))
ldap-user-search-scope sub
ldap-username-field sAMAccountName
mail-from Projets Wekan Support <[email protected]
mail-url smtps://[email protected]:[email protected]:587/
root-url https://wekan.exemple.com

`thanks for your answers ;-)

@veloprofz
Copy link

how to turn on the option so that ldap authentication appears in the admin panel?

@xet7
Copy link
Member

xet7 commented Feb 21, 2023

@veloprofz

https://github.com/wekan/wekan/wiki/LDAP

Snap

sudo snap set wekan ldap-enable='true'

Docker

https://github.com/wekan/wekan/blob/master/docker-compose.yml#L488

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@xet7 @ledufakademy @Sancretor @veloprofz