-
-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[INTEGRATION] Trying to use LLDAP with etherpad (plus ep_ldapauth_ng plugin) #863
Comments
I think for the admin group you need to set If you want to have another group to control access to the directory, you can plug that in the I think you also want I don't know why you'd get an authentication error, though. Can you post the verbose LLDAP logs from trying to log in? |
Thank you for your answer.
With this configuration: (I didn't add the other group to control access for now (step by step :) )so each user should be able to get standard access)
With an user test that is not part of the group mylldapgroupforwitchuserscanhaveadminrights I get this in LLDAP logs:
|
That all looks correct: it first tries to bind as "test", to check the password, and that works. Then it connects as your read-only bind user to get the "test" user details, and the admin group details (which does not contain test). What issues are you facing? |
Etherpad doesn't grant access (it ask for login one more time) and in Etherpad logs I get: Edit: I'm asking myself if I am wasting a lot of time for a plugin issue or if I misunderstood the doc. https://github.com/daschr/ep_ldapauth_ng/ I thought I could connect through ldap directly OR through ldap + OIDC but maybe I'm wrong. |
Hmm, I can help you debug the LDAP part, but it seems to be working well. At this point, you'll be better served by asking the etherpad community (or the plugin author) for help. Maybe also looking at the etherpad logs. |
I think the main problem is that this ep_ldapauth_ng plugin (https://github.com/daschr/ep_ldapauth_ng#readme) isn't working with last etherpad version anymore.
It worked for regular users. But doesn't work for users from the mylldapgroupforwitchuserscanhaveadminrights group that don't get etherpad admin permission. |
Description of the service
I'm a beginner so I have difficulties to configure correctly etherpad + ep_ldapauth_ng plugin (https://github.com/daschr/ep_ldapauth_ng#readme) to use LLDAP authentication.
Adding a working configuration for Etherpad in https://github.com/lldap/lldap/tree/main/example_configs could be usefull for other beginners :)
What you've tried
I tried this without success:
I'm not sure but this seems to be a valid command to test if an user is member of a group :
(&(objectClass=person)(memberof=cn=mylldapgroupforwitchuserscanhaveadminrights,ou=groups,dc=mysubdomain,dc=mydomain,dc=org))
bug no idea how to put this into the configurationWhat's not working
In Etherpad logs I get:
Failed authentication from IP myIP
When the password is right (more error messages when the password is wrong)
Working Bonus
I have an other etherpad plugin (ep_mypads: https://www.npmjs.com/package/ep_mypads) that is working great with this configuration:
The text was updated successfully, but these errors were encountered: