Trying to configure Tuleap and LDAP authentication. So far, my config in /etc/tuleap/plugins/ldap/etc/ldap.inc is:
$sys_ldap_server = 'xxx';
$sys_ldap_server_type = 'OpenLDAP';
$sys_ldap_dn = 'dc=xxx,dc=xx';
$sys_ldap_bind_dn = 'cn=useradmin,dc=xxx,dc=xx';
$sys_ldap_bind_passwd = 'xxxx';
$sys_ldap_uid = "uid";
$sys_ldap_eduid = "uid";
$sys_ldap_cn = 'cn';
$sys_ldap_mail = 'mail';
$sys_ldap_people_dn = 'ou=People,dc=xxx,dc=xx';
$sys_ldap_search_user='(|(uid=%words%)(cn=%words%)(mail=%words%))';
$sys_ldap_default_user_status = 'A';
$sys_ldap_svn_auth = 1;
$sys_ldap_daily_sync = 1;
$sys_ldap_daily_sync_retention_period = '';
$sys_ldap_user_management = 1;
$sys_ldap_grp_enabled = 1;
$sys_ldap_grp_dn = 'ou=workers,dc=xxx,dc=xx';
$sys_ldap_grp_cn = 'o';
$sys_ldap_grp_member = 'xxx';
$sys_ldap_threshold_users_suspension = '';
$search_depth = 'subtree';
When trying to log in, I receive errors in the log:
2018-08-14T09:05:56+02:00 [2247] [debug] Bound to LDAP server: xxx
2018-08-14T09:05:56+02:00 [2247] [warning] LDAP search error: dc=xxx,dc=xx [email protected] ldap://xxx.xx.xx ***ERROR:No such object ***ERROR no:32
2018-08-14T09:05:56+02:00 [2247] [info] [LDAP] User [email protected] failed to authenticate
Performing an LDAP search from the CLI brings up positive results:
ldapsearch -x -D "cn=useradmin,dc=xxx,dc=xx" -W -H ldap://xxx.xxx.xx -b "ou=People,dc=xxx,dc=xx"
Result:
# [email protected], People, xxx.xx
dn: [email protected],ou=People,dc=xxx,dc=xx
cn:: www
displayName:: ppp
givenName: qq
mail: [email protected]
o: gg
objectClass: inetOrgPerson
preferredLanguage: cc
sn:: uuu
uid: [email protected]
userPassword:: yyy
What could be wrong?
It turns out that Tuleap LDAP does not support login with email, only with username. So, if your LDAP setup does not provide unique usernames, you can't deploy LDAP login to Tuleap.
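
A pre-deployment check for the constraint described in the answer above, as an added example that is not part of the original post or Tuleap's own code: it scans an LDIF export (such as ldapsearch output) for uid values that are email addresses and for local parts that would collide if the domain were dropped. The sample entries, the function names and the idea of using the local part as a username are assumptions.

```python
import base64
from collections import defaultdict

# Constructed sample LDIF (not from the original post); "::" marks a base64 value.
SAMPLE_LDIF = """\
dn: uid=alice@example.org,ou=People,dc=example,dc=org
uid: alice@example.org

dn: uid=alice@corp.example,ou=People,dc=example,dc=org
uid: alice@corp.example

dn: uid=bob,ou=People,dc=example,dc=org
uid:: Ym9i
"""

def parse_ldif(text):
    """Return a list of entries, each a dict of lowercase attribute -> list of values."""
    entries, current = [], defaultdict(list)
    # Unfold continuation lines (a line starting with one space continues the previous one).
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for line in unfolded.split("\n") + [""]:
        if not line.strip():  # a blank line ends the current entry
            if current:
                entries.append(dict(current))
                current = defaultdict(list)
            continue
        if line.startswith("#"):  # ldapsearch comment line
            continue
        attr, _, rest = line.partition(":")
        if rest.startswith(":"):  # "attr:: value" is base64-encoded
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        current[attr.lower()].append(value)
    return entries

def audit_uids(entries, uid_attr="uid"):
    """Report email-style uid values and local parts shared by several entries."""
    email_style, by_local = [], defaultdict(list)
    for entry in entries:
        for uid in entry.get(uid_attr, []):
            if "@" in uid:
                email_style.append(uid)
            # Assumption: the part before "@" is the candidate username.
            by_local[uid.split("@", 1)[0].lower()].append(uid)
    collisions = {k: v for k, v in by_local.items() if len(v) > 1}
    return email_style, collisions

if __name__ == "__main__":
    print(audit_uids(parse_ldif(SAMPLE_LDIF)))
```
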