Open Source e-Learning
  • Login

Breadcrumb Navigation

Tabs

Functions

  • engymk | Deleted | 19. May 2014, 08:31
    LDAP Configuration

    Dear All,

     

     I have done every step to the LDAP as per the official document. The binding is happening alright. But it does not do work when i try to login from the login screen. It just give very simple message of "username or password is wrong".

     

    I need your help please. I came across some threads here but no solution was shared. I desperately need your help!! Since we are launching the course from next week and this is the only pending step.

     

    Many Thanks,

    YASSER

  • pascal.schmitt | pascal.schmitt | 19. May 2014, 16:37
    Re: LDAP Configuration

    Hi Yasser

    Can you please post the link of the documentation you followed?

    Regards Pascal

  • engymk | Deleted | 20. May 2014, 14:21
    Re: Re: LDAP Configuration

    Hi Pascal.Schmitt,

     

     Thank you for your response. I really wish you could help me.. please find the link which i followed

     

    http://www.ilias.de/docu/ilias.php?baseClass=ilLMPresentationGUI&ref_id=367&obj_id=56831&srcstring=1

     

     

    Best Regards,

    YASSER

     

     

  • pascal.schmitt | pascal.schmitt | 20. May 2014, 15:47
    Re: Re: Re: LDAP Configuration

    Hi Yasser

    Please check if there is a green checked icon behind "LDAP" on the page "Administration / Authentication and Registration / Authentication". Also check LDAP as your default authentication mode (in the same screen).

    Hope that helps

    Pascal

  • engymk | Deleted | 21. May 2014, 07:38
    Edited on: 21. May 2014, 07:41 - by engymk (Deleted)
    Re: Re: Re: Re: LDAP Configuration

    Hi Pascal,

     

     I have already enabled the LDAP with the green check before I post the topic. However when I made it default. No login is working anymore. I am trying to access local by selecting the "ILIAS Native Authentication" with root user and it started to give the same error of "Wrong Login or Password". Please help. I cannot access the server anymore!!

     

     

    Here is my version i am using: ILIAS (v4.4.2 2014-03-26)

     

    Thank you

     

  • pascal.schmitt | pascal.schmitt | 21. May 2014, 08:30
    Re: Re: Re: Re: Re: LDAP Configuration

    Hi

    Access the database (e.g. by phpmyadmin), select the table "settings" and look for a entry like

    module = common

    keyword = auth_mode

    and set the value to "1"

    Now you should be able to login with root again.

    Regards, Pascal

  • jackisch | jackisch | 24. May 2014, 15:15
    Edited on: 24. May 2014, 15:33 - by jackisch | jackisch
    Re: Re: Re: Re: Re: Re: LDAP Configuration

    Hi,

    in my installations LDAP is working allright.

    Can you post your LDAP configuration settings?

    For a next try for your configuration: manually change the auth-setting of the root user to the ILIAS database. When this is set to "default", the login-mode changes with the settings you configure and root cannot login anymore. Pascals hints give you a way to get root to work again. Probably you can set the login-method un the usr_data table for the root user to the local login, too.

    I added a warning (and minor additions for the login order) to the LDAP instructions.

    For tests, open a different browser or a session o a different client with administrative rights, as long as you dont exit this session you can always repair...

    To bring LDAP to work I set the login-order with LDAP before any other method. This way, ILIAS tries to authenticate vai LDAP first, then against the local database.

    To further investigate, I used tcpdump on the ILIAS machine (like tcpdump -A -i eth0 port 389) to see if LDAP traffic occurs and what data is sent. If there is no traffic then ILIAS doesnt try LDAP, if there is any traffic you can read which user ILIAS tries to authenticate and the answers.

    Regards

    Ingo

  • engymk | Deleted | 10. Jun 2014, 14:05
    Re: Re: Re: Re: Re: Re: Re: LDAP Configuration

    Hi Pascal,

    Hi Ingo,

     

    I have tried all the tips you provided with no single luck!

     

    please find attached the configuration shots...

  • jackisch | jackisch | 10. Jun 2014, 21:06
    Re: Re: Re: Re: Re: Re: Re: Re: LDAP Configuration

    Hi Yasser,

    on page 3 of your config you have set OU=CMA,DC=INT,.... as user search base. This setting is prepended to the baseDN (see picture 2), so can you pace only OU=CMA (no commas) in this field?

    The rest seems o.k. to me.

    You can see messages in the ILIAS logfile or watch the process with tcpdump, you shoud see your ldap user binds first and then the user login, if everything works.

    If problems stay, can you tell if the LDAP bind of the ldap user succeeds?

    Regards

    Ingo

  • engymk | Deleted | 24. Jun 2014, 08:19
    Re: Re: Re: Re: Re: Re: Re: Re: Re: LDAP Configuration

    Many Many Many thanks Jackish....

     

    It is working perfectly now...

     

    Thank you all for all the help you provided.. it all led to resovle my issue.

     

     

  • Nigel.Trego@zeon.eu | Nigel.Trego@zeon.eu | 10. Jan 2019, 17:35
    LDAP Confguration Active Directory

    We wanted to standardise using the user's email address for AD authentication, we use the email address (joe.bloggs@xyz.com) as a user id for Office365 as well as many other platforms.  Some of our user accounts still had dated login names (pre Windows 2000, e.g. Jill Blogs would have username BloggsJ).  Also, our internal AD domain was xyz.net, a suffix that did not match the email address suffix (xyz.com).  With this in mind using samaccountname as the LDAP attribute did not work for us. 

    We managed to work around this issue by using the LDAP attribute UserPrincipalName in the Ilias Ldap config.  Prior to this we added the email domain name (xyz.com) as a UPN suffix (in Active Directory Domains and Trusts) and changed suffix in the AD user account record.  (Once you have added the UPN suffix in Active Directory Domains and Trusts, it becomes avaiable in the AD user account as a dropdown).

    So now joe.blogs@xyz.com authenticates correctly.

    Hopefully this might help someone who has experienced similar issues.


Functions