I cannot figure out why I’m getting the following.
I have configured an LDAP connection to the global Active Directory of the group I’m part of.
This configuration usually works well with other applications (it also works for Elasticsearch, for instance).
But here I’m getting the following error:
```
t=2017-04-15T15:57:20+0000 lvl=eror msg="Error while trying to authenticate user" logger=context userId=0 orgId=0 uname= error="LDAP Result Code 10 \"Referral\": 0000202B: RefErr: DSID-03100781, data 0, 1 access points\n\tref 1: 'domain.example'\n
```
I can’t find any clue anywhere about this DSID error.
I’ve tried adding the OU to the search_base, without success. I’ve also verified by putting false IDs for bind_dn and pwd, and then the error is different.
If I enter a false password at login, I still get the same error in the log, so it doesn’t properly detect whether the user is correct or not.
My ldap.toml configuration is as below:
```toml
[[servers]]
host = "ldap_host"
port = 389
use_ssl = false
start_tls = true
ssl_skip_verify = true
bind_dn = "CN=technical_account,OU=Service_Accounts,OU=Domain_Users,DC=domain,DC=example"
bind_password = 'hihi'
search_filter = "(sAMAccountName=%s)"
search_base_dns = ["DC=domain,DC=example"]

[servers.attributes]
name = "givenName"
surname = "sn"
username = "sAMAccountName"
member_of = "memberOf"
email = "email"

[[servers.group_mappings]]
group_dn = "CN=GROUP1,OU=APP_Groups,OU=Domain_Groups,DC=domain,DC=example"
org_role = "Admin"

[[servers.group_mappings]]
group_dn = "CN=GROUP2,OU=APP_Groups,OU=Domain_Groups,DC=domain,DC=example"
org_role = "Editor"

[[servers.group_mappings]]
#group_dn = "CN=GROUP3,OU=APP_Groups,OU=Domain_Groups,DC=domain,DC=example"
group_dn = "*"
org_role = "Viewer"
```
Do you see anything, or have any clues or ideas to help me investigate?
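
A triage helper for the log line above, added here as an example (not part of the original post and not Grafana code): it extracts the LDAP result code, the Active Directory extended error (0000202B is Win32 error 8235, ERROR_DS_REFERRAL), the DSID and the referral targets from the logfmt line, then lists which configured `search_base_dns` entries the server answered with a referral. All function names are hypothetical and the sample line is constructed from the one in the post.

```python
import re

# Constructed sample modelled on the truncated log line in the post.
SAMPLE_LINE = (
    't=2017-04-15T15:57:20+0000 lvl=eror msg="Error while trying to authenticate user" '
    'logger=context userId=0 orgId=0 uname= error="LDAP Result Code 10 \\"Referral\\": '
    "0000202B: RefErr: DSID-03100781, data 0, 1 access points\\n\\tref 1: 'domain.example'\\n"
)

# logfmt key=value; the closing quote is optional so a cut-off line still parses.
PAIR = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"?|(\S*))')
LDAP_ERR = re.compile(
    r'LDAP Result Code (\d+) "([^"]*)": ([0-9A-Fa-f]{8}): (\w+): (DSID-[0-9A-Fa-f]+)')
REFERRAL = re.compile(r"ref \d+: '([^']*)'")
WIN32_NAMES = {0x202B: "ERROR_DS_REFERRAL"}  # Win32 error 8235


def parse_logfmt(line):
    """Split a logfmt line into a dict, undoing backslash escapes in quoted values."""
    unescape = lambda m: {"n": "\n", "t": "\t"}.get(m.group(1), m.group(1))
    return {key: re.sub(r"\\(.)", unescape, quoted) if quoted else bare
            for key, quoted, bare in PAIR.findall(line)}


def parse_ad_ldap_error(line):
    """Return the LDAP/AD error carried in the error= field, or None."""
    err = parse_logfmt(line).get("error", "")
    m = LDAP_ERR.search(err)
    if not m:
        return None
    code = int(m.group(3), 16)
    return {"ldap_code": int(m.group(1)), "ldap_name": m.group(2),
            "win32_code": code, "win32_name": WIN32_NAMES.get(code, "unknown"),
            "ad_class": m.group(4), "dsid": m.group(5),
            "referrals": REFERRAL.findall(err)}


def base_dn_to_dns(dn):
    """'DC=domain,DC=example' -> 'domain.example' (naive split, no escaped commas)."""
    parts = (p.strip().partition("=") for p in dn.split(","))
    return ".".join(v for k, _, v in parts if k.upper() == "DC")


def referred_bases(line, search_base_dns):
    """Configured search bases whose DNS form appears as a referral target."""
    info = parse_ad_ldap_error(line)
    targets = {r.lower() for r in info["referrals"]} if info else set()
    return [dn for dn in search_base_dns if base_dn_to_dns(dn).lower() in targets]
```

A non-empty result from `referred_bases` means the contacted server returned a referral for that search base instead of entries.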