LDAP authentication fails

lbetson · February 28, 2019, 3:24pm

Problem:
After configuring LDAP authentication over port 389 using server type Active Directory, when I try logon with my AD credentials to the Foreman WebUI it fails. When I test the connection it passes. I was also able to add an external group that I created in AD. I also tried adding the user through the WebUI with the LDAP connection as the authorization source and it still fails. The base DN and group DN are correct.

Besides configuring this in the WebUI do I also have to configure LDAP anywhere else? Does it need to be turned on in a .yaml file anywhere? Maybe I am missing a configuration step somewhere.

Thank you.

ethancpace · March 1, 2019, 8:15pm

You shouldn’t have to configure this anywhere else other than the WebUI.

Perhaps AD is rejecting the auth request. Are you able to perform an ldapsearch from the host with the credentials and filters you are using in Foreman?

lbetson · March 1, 2019, 9:31pm

It states that I have openldap installed but when I try to run the ldapsearch command I get file not found.

UXabre · March 2, 2019, 7:56am

Hey @lbetson,

For ldapsearch to work you’ll also have to install the openldap-clients package.
You can always check things with yum whatprovides.
(All this assuming you’re running centOS)

Kind regards,
Arend