LDAP invalid credentials
Created by: nestoru
Hello,
I am unable to log in using LDAP. When I enter my email ([email protected]), I get bad credentials in the UI, apparently (per the logs in the LDAP server) because only the username is extracted from the whole email.
Config:
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_host'] = 'ldapdev.sample.com'
gitlab_rails['ldap_port'] = 10636
gitlab_rails['ldap_method'] = 'ssl'
gitlab_rails['ldap_bind_dn'] = 'uid=admin,ou=system'
gitlab_rails['ldap_password'] = 'mypass'
gitlab_rails['ldap_allow_username_or_email_login'] = true
gitlab_rails['ldap_base'] = 'ou=people,o=sample'
LDAP logs:
[18:37:15] DEBUG [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler] - Handling single reply request: SearchRequest
baseDn : 'ou=people,o=sample'
filter : '(mail=nestor)'
scope : whole subtree
typesOnly : false
Size Limit : 1
Time Limit : no limit
Deref Aliases : never Deref Aliases
attributes :
[18:37:15] DEBUG [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler] - ManageDsaITControl NOT detected.
[18:37:15] DEBUG [org.apache.directory.server.ldap.handlers.SearchHandler] - Entry ou=people,o=sample is NOT a referral.
[18:37:15] DEBUG [org.apache.directory.server.ldap.handlers.SearchHandler] - Message received: SearchRequest
baseDn : 'ou=people,o=sample'
filter : '(mail=nestor)'
scope : whole subtree
typesOnly : false
Size Limit : 1
Time Limit : no limit
Deref Aliases : never Deref Aliases
attributes :
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - >> SearchOperation : SearchContext for DN 'ou=people,o=sample', filter :'(|(mail=nestor)(objectClass=referral))'
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - >> LookupOperation : LookupContext for DN 'ou=people,o=sample', attributes : <>
[18:37:15] DEBUG [org.apache.directory.server.core.authn.AuthenticationInterceptor] - Operation Context: LookupContext for DN 'ou=people,o=sample', attributes : <>
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - >> hasEntryOperation : EntryContext for DN 'ou=people,o=sample'
[18:37:15] DEBUG [org.apache.directory.server.core.partition.DefaultPartitionNexus] - Check if DN 'ou=people,o=sample' exists.
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - << HasEntryOperation successful
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - << LookupOperation successful
[18:37:15] DEBUG [org.apache.directory.server.core.authn.AuthenticationInterceptor] - Operation Context: SearchContext for DN 'ou=people,o=sample', filter :'(|(0.9.2342.19200300.100.1.3=nestor)(2.5.4.0=referral))'
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - >> hasEntryOperation : EntryContext for DN 'ou=people,o=sample'
[18:37:15] DEBUG [org.apache.directory.server.core.partition.DefaultPartitionNexus] - Check if DN 'ou=people,o=sample' exists.
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - << HasEntryOperation successful
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - << SearchOperation successful
[18:37:15] DEBUG [org.apache.mina.core.filterchain.IoFilterEvent] - Event MESSAGE_RECEIVED has been fired for session 3207
[18:37:15] DEBUG [org.apache.directory.server.ldap.LdapProtocolHandler] - Cleaning the LdapSession : <0.9.2342.19200300.100.1.1=admin,2.5.4.11=system,...> session
Thanks,
- Nestor
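
One way to confirm the symptom reported above from the directory server's debug output, as an added example that is not part of the original post or of GitLab's code: the Python below scans log text for search filters and reports every `mail` assertion whose value has no `@`, by attribute name or by OID. The sample log is constructed from the lines in the post; the `alice@sample.com` entry and the function name are assumptions.

```python
import re

# Constructed sample, modelled on the ApacheDS debug lines in the post above.
SAMPLE_LOG = """\
[18:37:15] DEBUG [org.apache.directory.server.ldap.handlers.SearchHandler] - Message received: SearchRequest
baseDn : 'ou=people,o=sample'
filter : '(mail=nestor)'
scope : whole subtree
[18:37:15] DEBUG [org.apache.directory.server.core.DefaultOperationManager] - >> SearchOperation : SearchContext for DN 'ou=people,o=sample', filter :'(|(mail=nestor)(objectClass=referral))'
[18:40:02] DEBUG [org.apache.directory.server.ldap.handlers.SearchHandler] - Message received: SearchRequest
baseDn : 'ou=people,o=sample'
filter : '(mail=alice@sample.com)'
"""

TIMESTAMP = re.compile(r"^\[(\d{2}:\d{2}:\d{2})\]")
FILTER_LINE = re.compile(r"filter\s*:\s*'(?P<filter>[^']*)'")
# One attribute=value assertion inside an LDAP filter string.
ASSERTION = re.compile(r"\((?P<attr>[A-Za-z0-9.;-]+)=(?P<value>[^()]*)\)")
# The mail attribute by name and by OID, both as they appear in the logs.
MAIL_ATTRS = {"mail", "0.9.2342.19200300.100.1.3"}


def find_truncated_mail_filters(log_text):
    """Return (timestamp, filter, value) for mail assertions lacking '@'."""
    findings = []
    last_ts = None
    for line in log_text.splitlines():
        ts = TIMESTAMP.match(line)
        if ts:
            last_ts = ts.group(1)  # continuation lines inherit this timestamp
        found = FILTER_LINE.search(line)
        if not found:
            continue
        for assertion in ASSERTION.finditer(found.group("filter")):
            value = assertion.group("value")
            if assertion.group("attr").lower() not in MAIL_ATTRS:
                continue
            # Skip presence/substring filters such as (mail=*).
            if "@" not in value and "*" not in value:
                findings.append((last_ts, found.group("filter"), value))
    return findings


if __name__ == "__main__":
    for ts, ldap_filter, value in find_truncated_mail_filters(SAMPLE_LOG):
        print(f"{ts} mail filter without domain: value={value!r} in {ldap_filter}")
```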