Hello,
I want to use piwigo with ldap plugin and an lldap server but can't figure out how to configure the ldap plugin.
LDAP login does not work and when using the "LDAP-Login Test" on plugins setup page I always get an error message:
Credentials OK, Check GroupMembership for: uid=andreas,ou=people,dc=ahoelscher
ldap plugin log shows:
DEBUG: [check_ldap_group_membership]> @ldap_search($this->cnx,'ou=people,dc=ahoelscher', '(&(objectclass=groupOfUniqueNames)(cn=piwigo)(Member=uid=andreas,ou=
people,dc=ahoelscher)(cn=*))','Member') for piwigo
DEBUG: [check_ldap_group_membership]> No result from ldap_search, check search filter / member_attr
User "andreas" is configured in lldap as member of group "piwigo".
I don't understand all the explenations of the config fields as shown in the plugin readme.md and don't get any usefull help from Google, so I'm a bit lost.
Anybody who can help with a working config or perhaps has an example for use with lldap?
I will provide complete logs or whatever is missing if needed. Thank you for any hints!
regards 4ndreasH
=== my setup:
piwigo 13.8.0 (docker container)
ldap plugin: Kipjr/ldap_login 13.6.0 (20.05.2023)
lldap server: lldap/lldap 0.4.3 (11.04.2023) (docker container) (lldap server: https://github.com/lldap/lldap)
=== My ldap plugin config:
Server location: SERVER.DE
LDAP-Port: 3890
ldaps: no
Base DN: ou=people,dc=ahoelscher
User Object Class: Person
Username Attribute: uid
User Object Filter:
Group Object Class: groupOfUniqueNames
Group Object Filter:
Group Name Attribute: cn
Group Description: description
Group Membership Attribute: Member
User Membership Attribute: memberOf
Use user membership attribute: yes
Group corresponding with users: cn=piwigo,ou=groups,dc=ahoelscher
Group corresponding with administrators: cn=lldap_admin,ou=groups,dc=ahoelscher
Group corresponding with webmasters: cn=piwigo_webmasters,cn=groups,dc=ahoelscher
Use user groups: yes
Use administrator groups: no
Use Webmaster groups: no
Bind (Service account) DN: uid=lldap-admin,ou=people,dc=ahoelscher
Bind (Service account) password: <PASSWORD>
=== my lldap setup:
LDAP Server URI: ldap://SERVER.DE:3890
LDAP Bind DN: uid=lldap-admin,ou=people,dc=ahoelscher
LDAP User Search Base DN: ou=people,dc=ahoelscher
LDAP Admin Filter: memberof=cn=lldap_admin,ou=groups,dc=ahoelscher
LDAP Search Filter: memberof=cn=piwigo,ou=groups,dc=ahoelscher
Offline
With a lot of trial and error, I found the solution: "Base DN" was wrong. It works with "dc=ahoelscher".
Offline
For you and anyone having issues with my plugin, contact me on Github or create an issue. I'm not checking the forum that often
Offline