Mantis - Active Directory Authentification

MantisBT forum for users who prefer to ask and answer questions in French.

Moderators: Developer, Contributor

Post Reply
Zenpower
Posts: 2
Joined: 19 Sep 2014, 07:59

Mantis - Active Directory Authentification

Post by Zenpower »

Bonjour à tous,

1 - J'ai installé avec succès mantisbt 1.2.17 sur une plateforme 2003 server sp2.
2 - J'ai créé un utilisatreur 'udd' avec les droit d'administration.
3 - j'ai configuré Mantis avec active directory moyennant la configuration suivant :
# --- General LDAP configuration ---
$g_login_method = LDAP;
$g_ldap_protocol_version = 3;
$g_ldap_server = "ldap://xxx.xxxx.xx:389";
#$g_ldap_port = 389;
$g_ldap_bind_dn = "CN=udd,OU=DEPARTEMENT SYSTEME D'INFORMATION,DC=xxxx,DC=xx";
$g_ldap_uid_field = 'sAMAccountName';
$g_ldap_bind_passwd = 'motdepasse';
$g_ldap_root_dn = "DC=xxxx";
$g_ldap_organization = "(objectClass=*)";
$g_ldap_realname_field = 'cn';
$g_use_ldap_email = ON;
$g_allow_signup = OFF;


Mon problème est le suivant :
quand je veux m'authentifier avec l'utilisateur 'udd' qui existe bel et bien dans mon annuaire AD, un message s'affiche en indiquant que le compte est désactivé ou le login ou le mot de passe sont incorrects :
Dans les fichiers logs j'ai les informations suivants :

2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=administrator))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=udd))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
2014-09-18 19:10 CEST ldap Binding to LDAP server
2014-09-18 19:10 CEST ldap Attempting connection to LDAP URI 'ldap://xxxx.xxxx.xx:389'.
2014-09-18 19:10 CEST ldap Connection accepted by LDAP server
2014-09-18 19:10 CEST ldap Setting LDAP protocol version to 3
2014-09-18 19:10 CEST ldap Attempting bind to ldap server with username and password
2014-09-18 19:10 CEST ldap Bind to ldap server successful
2014-09-18 19:10 CEST ldap Searching for (&(sAxxccountName=administrator))
2014-09-18 19:10 CEST ldap No xxtching entries found
2014-09-18 19:10 CEST ldap Unbinding from LDAP server
2014-09-18 19:10 CEST ldap Authentication failed
Nolkyz
Posts: 17
Joined: 18 Sep 2014, 12:44
Location: France

Re: Mantis - Active Directory Authentification

Post by Nolkyz »

Bonjour,

A tu créer les utilisateurs dans Mantis ?

Cordialement Nolkyz.
Zenpower
Posts: 2
Joined: 19 Sep 2014, 07:59

Re: Mantis - Active Directory Authentification

Post by Zenpower »

Oui, l'utilisateur "udd" je l'ai créé sur Mantis.
Par contre 'administrator' est celui qui est créé lors de l'installation de Mantis.
ZiZou1991
Posts: 23
Joined: 21 Jul 2014, 12:12

Re: Mantis - Active Directory Authentification

Post by ZiZou1991 »

Please
what's wrong in this code
PS: my domain is mantis.local
ou=mantis, user=zeyd

/**************************
* MantisBT LDAP Settings *
**************************/

/**
* Specifies the LDAP or Active Directory server to connect to, and must be
* provided as an URI
* - Protocol is optional, can be one of ldap or ldaps, defaults to ldap
* - Port number is optional, and defaults to 389. If this doesn't work, try
* using one of the following standard port numbers: 636 (ldaps); for Active
* Directory Global Catalog forest-wide search, use 3268 (ldap) or 3269 (ldaps)
*
* Examples of valid URI:
*
* ldap.example.com
* ldap.example.com:3268
* ldap://ldap.example.com/
* ldaps://ldap.example.com:3269/
*
* @global string $g_ldap_server
*/
$g_ldap_server = 'ldap://Server:389';

$g_ldap_port = 389;
/**
*
* @global string $g_ldap_root_dn
*/
$g_ldap_root_dn = 'ou=mantis,dc=mantis,dc=local';

/**
* e.g. '(organizationname=*Traffic)'
* @global string $g_ldap_organization
*/
$g_ldap_organization = '';

/**
* Use 'sAMAccountName' for Active Directory
* @global string $g_ldap_uid_field
*/
$g_ldap_uid_field = 'sAMAccountName';

/**
* The LDAP field for real name (i.e. common name).
* @global string $g_ldap_realname_field
*/
$g_ldap_realname_field = 'cn';

/**
* The distinguished of the user account to use for binding to the LDAP server.
* For example, 'CN=ldap,OU=Administrators,DC=example,DC=com'.
*
* @global string $g_ldap_bind_dn
*/
$g_ldap_bind_dn = 'cn=Zeyd,ou=mantis,dc=mantis,dc=local';

/**
* The password for the service account to be used for connecting to the LDAP server.
*
* @global string $g_ldap_bind_passwd
*/
$g_ldap_bind_passwd = 'etmjf0347md.:;()';

/**
* Should we send to the LDAP email address or what MySql tells us
* @global int $g_use_ldap_email
*/
$g_use_ldap_email = ON;

/**
* Whether or not to pull the real name from LDAP.
* ON from LDAP, OFF from database.
* @global int $g_use_ldap_realname
*/
$g_use_ldap_realname = OFF;

/**
* The LDAP Protocol Version, if 0, then the protocol version is not set. For Active Directory use version 3.
*
* @global int $g_ldap_protocol_version
*/
$g_ldap_protocol_version = 3;

/**
* Determines whether the LDAP library automatically follows referrals returned by LDAP servers or not.
* This maps to LDAP_OPT_REFERRALS ldap library option. For Active Directory, this should be set to OFF.
*
* @global int $g_ldap_follow_referrals
*/
$g_ldap_follow_referrals = ON;

/**
* For development purposes, this is a configuration option that allows replacing
* the ldap communication with a comma separated text file. The text file has a line per user.
* Each line includes: user name, user real name, email, password. For production
* systems this option should be set to ''.
*/
$g_ldap_simulation_file_path = '';
Post Reply