Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: LDAP setup with Authentik #669

Open
McCrafterIV opened this issue Dec 21, 2024 · 1 comment
Open

Question: LDAP setup with Authentik #669

McCrafterIV opened this issue Dec 21, 2024 · 1 comment

Comments

@McCrafterIV
Copy link

Hi!

I'm trying to setup the LDAP plugin with the authentik ldap provider. Sadly, I'm failing to configure it correctly. Could you help me find all the correct config values?

Let's assume the fog server can reach the authentik host via an unencrypted connection. Futhermore assume the following setup:

  • fog search user: fogservice
  • group for all fog admins: fogadmins
  • group for all fog users: fogusers
  • authentik host: authentik.mydomain.com
  • basedn configured in authentik: OU=fog,DC=mydomain,DC=com

The furthest I got is with username attribute "cn" and group membership attribute "memberOf" which results in a logged error when I try to login with the user fogadmin

 Got error 'PHP message: Plugin LDAP::_result(). Search Method: search; Filter: (&(|(name=fogadmin))(memberof=cn=fogadmin,ou=users,ou=fog,dc=mydomain,dc=com,)); Result: 0PHP message: PHP Warning:  ldap_search(): Search: Operations error in /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php on line 124PHP message: PHP Fatal error:  Uncaught TypeError: ldap_count_entries(): Argument #2 ($result) must be of type LDAP\\Result, bool given in /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php:124\nStack trace:\n#0 /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php(124): ldap_count_entries()\n#1 /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php(843): LDAP->__call()\n#2 /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php(663): LDAP->_result()\n#3 /var/www/html/fog/lib/plugins/ldap/class/ldap.class.php(559): LDAP->_getAccessLevel()\n#4 /var/www/html/fog/lib/plugins/ldap/hooks/ldappluginhook.hook.php(126): LDAP->authLDAP()\n#5 /var/www/html/fog/lib/fog/hookmanager.class.php(86): LDAPPluginHook->checkAddUser()\n#6 /var/www/html/fog/lib/fog/user.class.php(144): HookManager->processEvent()\n#7 /var/www/html/fog/lib/fog/user.class.php(226): User->passwordValidate()\n#8 /var/www/html/fog/lib/fog/fogbase.class.php(2469): User->validatePw()\n#9 /var/www/html/fog/lib/pages/processlogin.class.php(153): F...', referer: http://10.10.0.12/fog/management/index.php?node=home
@darksidemilk
Copy link
Member

Firstly, what version of FOG are you running?

Second I would start with a simpler configuration like a search base of just "DC=mydomain,DC=com" and then make it more fine grained after that root base is working.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants