LDAP Authorization fail with WebUI, works in auth_test.php

i try to integrate LibreNMS with my LDAP Server (Authentik), and have problem with WebUI login.

Where i use auth_test.php i get:

[librenms@librenms ~]$ ./scripts/auth_test.php -u bkopec
Authentication Method: ldap
Authenticate user bkopec: 

User (2028):
  username => 9a4b2eba66279b6fdff56cc21ace34aa3be22c735e24dce345df8b8
  realname => bkopec
  user_id => 2028
  email => [email protected]

If i use WebUI login i only get error i log:

ldap_get_entries(): Argument #2 ($result) must be of type LDAP\Result, bool given {"exception":"[object] (TypeError(code: 0): ldap_get_entries(): Argument #2 ($result) must be of type LDAP\\Result, bool given at /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php:184)"} 

The problem propably is with username you can see above.
For username my server return the value of uid, even if i configure:

$config['auth_ldap_attr.uid'] = "sAMAccountName";

Do you have any solution for that ?

Best regards.

Due to lack of information, my guess is selinux and you didn’t set setsebool -P httpd_can_connect_ldap 1 as described by the docs.

setsebool -P httpd_can_connect_ldap 1

Is configured.

I can olso see that my response from auth_test.php . end with group section. I dont see my privilige level which is configured in config.php.

My config.php:

Someone have any ideas ?

Note that “privilege levels” no longer exist in LibreNMS, only roles.

That said, it should translate your old config.

Also, ldap_get_entries return false on error. So some sort of error is happening in the ldap query.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.