Has anyone successfully acheived this? We are using the same LDAP settings that have worked for many other products, and while we can connect, no users are able to be looked up in the test mode.
More detail can of course be provided as needed.
Thanks in advance to any and all willing to help.
I got the "Internal Directory with LDAP Authentication" working with an instance of Zimbra LDAP server, which isn't one of the specific choices in the drop-down list. Here's what worked for me:
Generic Directory Server
Hostname: ldap.example.com
Username: uid=zimbra,cn=admins,cn=zimbra
Password: secret
Default Group Memberships: jira-users
Base DN: dc=example,dc=com
User Name Attribute: uid
Additional User DN: ou=people
User Object Class: zimbraAccount
User Object Filter: (uid=*)
User Name RDN Attribute: cn
User First Name Attribute: givenName
User Last Name Attribute: sn
User Display Name Attribute: displayName
User Email Attribute: mail
I also found LDAPManager (https://sourceforge.net/projects/ldapmanager) for OSX useful for debugging what attributes were present in the LDAP server.
Zimbra accounts must be supported, https://confluence.atlassian.com/display/CROWD/LDAP+Object+Structures
Which connection are you using ?https://confluence.atlassian.com/display/CROWD/Configuring+an+LDAP+Directory+Connector
What error are you getting during the test?
If you/can you save does it synch?
IN general disable features like paging, nested groups, and increase timeouts, then run the test again.
It may help to loosed your object filters and go higher on the base DN for the user objects unless you are sure you have the right LDAP filters.
If still no luck, grab the relevent section of the logs and add them here.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Attempted with both
Connectors.
The error is "user not found" on the lookup test when entering known good users. I have used TCPDUMP to ensure that the connection is occuring, and have not seen any errors on the server side (zimbra). I will post more detail when I return to the office on Monday (such as the makup of the LDAP structure, it is VERY simple).
I am using the same search filiters on GitHub Enterprise and OpenFire to authenticate against Zimbra OpenLDAP.
Thanks for the assist.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Alright, in my exoerience here that lends to the object filters and paths if your not seeing auth or limit errors from the ldap server.
Do you have another application (apache directory studio is good) that will allow you to manually validate connection strings, filters and the base DN? Even another web app that uses that LDAP today and you can just do a quick sanity check on the config.
Always best to eliminate the easy stuff first ;)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.