LDAP Authorization fail with WebUI, works in auth_test.php

B_K · 5 October 2023 12:54

Hi,
i try to integrate LibreNMS with my LDAP Server (Authentik), and have problem with WebUI login.

Where i use auth_test.php i get:

[librenms@librenms ~]$ ./scripts/auth_test.php -u bkopec
Authentication Method: ldap
Password: 
Authenticate user bkopec: 
AUTH SUCCESS

User (2028):
  username => 9a4b2eba66279b6fdff56cc21ace34aa3be22c735e24dce345df8b8
  realname => bkopec
  user_id => 2028
  email => [email protected]
Groups:

If i use WebUI login i only get error i log:

ldap_get_entries(): Argument #2 ($result) must be of type LDAP\Result, bool given {"exception":"[object] (TypeError(code: 0): ldap_get_entries(): Argument #2 ($result) must be of type LDAP\\Result, bool given at /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php:184)"}

The problem propably is with username you can see above.
For username my server return the value of uid, even if i configure:

$config['auth_ldap_attr.uid'] = "sAMAccountName";

Do you have any solution for that ?

Best regards.

murrant · 6 October 2023 04:42

Due to lack of information, my guess is selinux and you didn’t set setsebool -P httpd_can_connect_ldap 1 as described by the docs.

B_K · 6 October 2023 09:33

setsebool -P httpd_can_connect_ldap 1

Is configured.

I can olso see that my response from auth_test.php . end with group section. I dont see my privilige level which is configured in config.php.

My config.php:

B_K · 30 October 2023 09:08

Someone have any ideas ?

murrant · 31 October 2023 14:33

Note that “privilege levels” no longer exist in LibreNMS, only roles.

That said, it should translate your old config.

murrant · 31 October 2023 14:35

Also, ldap_get_entries return false on error. So some sort of error is happening in the ldap query.

system · 29 January 2024 14:35

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.