When trying to implement LDAP authentication per
docs - The webui completely fails with the example JumpCloud configuration. I can’t see anything in any error log, the PHP LDAP perquisites are installed.
Could I get any pointers as to where I need to look to debug this? There’s nothing helpful in
$config['auth_mechanism'] = "ldap"; # default, other options: ldap, http-auth
$config['auth_ldap_groups']['operations-team']['level'] = 10;
$config['auth_ldap_version'] = 3; # v2 or v3
$config['auth_ldap_server'] = "ldap.jumpcloud.com";
$config['auth_ldap_port'] = 389;
$config['auth_ldap_prefix'] = "uid=";
$config['auth_ldap_suffix'] = ",ou=Users,o=000aaa999ccc888fff,dc=jumpcloud,dc=com";
$config['auth_ldap_groupbase'] = "cn=operations-team,ou=Users,o=000aaa999ccc888fff,dc=jumpcloud,dc=com";
$config['auth_ldap_groupmemberattr'] = "memberUid";
[email protected] librenms]# ./validate.php
Component | Version
--------- | -------
LibreNMS | 1.31.03-30-g9cafcb6
DB Schema | 206
PHP | 7.0.22
MySQL | 5.5.52-MariaDB
RRDTool | 1.4.8
SNMP | NET-SNMP 5.7.2
[OK] Database connection successful
[OK] Database schema correct
12 September 2017 10:43
Thank you - that doesn’t return any errors.
The configuration however does break the web interface.
Is there anyway to debug that to see what’s preventing the web interface from working when set to ldap?
-bash-4.2$ ./scripts/auth_test.php -u TESTUSER -d -v
SQL[SET NAMES 'utf8']
SQL[SET CHARACTER SET 'utf8']
SQL[SET COLLATION_CONNECTION = 'utf8_unicode_ci']
SQL[SELECT `config_name`,`config_value` FROM `config`]
SQL[select * from graph_types]
SQL[SELECT DISTINCT(`os`) FROM `devices`]
SQL[DELETE FROM `session` WHERE `session_expiry` < '1505302330']
Authentication Method: ldap
Authenticate user TESTUSER:
13 September 2017 20:11
What does completely fails mean? If you mean it’s a white page then it’s usually max mem, a config issue or you don’t have a php module required to be loaded.
This post was flagged by the community and is temporarily hidden.
14 September 2017 19:40
Have you followed the faq link?
@laf Yes, I have, thank-you.
The server was immediately closing the connection so
/debug=yes/ was of little value.
I restarted with
service php-fpm restart and it has resolved the issue for the interface.
I am now getting Invalid Credentials when logging in with a valid user. I’ve re-tested with
./scripts/auth_test.php and the user can auth.
I assume the group “operations-team” is not receiving the privilege that it should?
15 September 2017 18:35
Not sure you’re around anymore but we have an updated PR you can test for ldap:
After that unfortunately I have no other suggestions.