Snipe-it: OpenLDAP login doens't work with multiple OU
Please confirm you have done the following before posting your bug report:
- [x] I have enabled debug mode
- [x] I have read checked the Common Issues page
Describe the bug
The option "LDAP Basis Bind DN" is used as login.
Example
Base Bind DN: dc=basecom,dc=de
There are 2 users:
- cn=r.sikorski,ou=Internal,dc=basecom,dc=de
- cn=example01,ou=External,dc=basecom,dc=de
both can't login. With debug on it is visible that the username r.sikorski and example01 gets added to the base dn.
When setting:
- Base Bind DN: ou=Internal,dc=basecom,dc=de
r.sikorski can login but example01 not, but atleast one of the users can login.
Expected behavior
All users which match the LDAP Filter should be able to login.
Screenshots
If applicable, add screenshots to help explain your problem.
Server (please complete the following information):
- Snipe-IT Version: v4.8.0
- OS: Ubuntu
- Web Server: Official Docker Image
- PHP Version: Official Docker Image
Desktop (please complete the following information):
- OS: Windows 10
- Browser Chrome
- Version 79.0.3945.88
Additional context
- Fresh Installation with MariaDB 10.4 and Traefik 2.1 as Reverse Proxy
RogerSik
All 9 comments
Screenshot for better explanation.
RogerSik
on 7 Jan 2020
Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 7 Mar 2020
Yes it is still relevant.
RogerSik
on 7 Mar 2020
Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!
stale[bot]
on 7 Mar 2020
Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!
stale[bot]
on 6 May 2020
This issue has been automatically closed because it has not had recent activity. If you believe this is still an issue, please confirm that this issue is still happening in the most recent version of Snipe-IT and reply to this thread to re-open it.
stale[bot]
on 13 May 2020
This bug still appears with snipe-it 5.0.7.
There is a solution for Active Directory, but not for other LDAP services.
There are some other issues with the same bug:
https://github.com/snipe/snipe-it/issues/8315
https://github.com/snipe/snipe-it/issues/8214 (there are using Univention Corporate Server Core Edition for LDAP)
https://github.com/snipe/snipe-it/issues/7587
wilkis3
on 18 Nov 2020
@wilkis3 Those older issues don't seem relevant, since they are all pre-v5, and LDAP/AD was completely rewritten in v5 - and certainly a lot of people are able to use OU syncing (in v4 as well) using Location-specific OUs. That's currently the only way to sync multiple OUs, and always has been.
snipe
on 18 Nov 2020
Hey @snipe @wilkis3 and me are working with thesame SnipeIT instance. We updated it to the version 5.0.7
The synchronization is not the problem. This working fine, we have every ldap account avaible to browse in SnipeIT.
The problem is that its not possible that 2 accounts which are in 2 differnt OUs are able to login.
RogerSik
on 18 Nov 2020
Related issues
ericdude101
路
5Comments
snipe
路
3Comments
jblandin04
路
5Comments
snipe
路
5Comments
Rungea96
路
4Comments
Most helpful comment
Screenshot for better explanation.