Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: LDAP is not connecting, and I want to add groups. #1949

Open
FraanCIB opened this issue Jan 14, 2025 · 3 comments
Open

feat: LDAP is not connecting, and I want to add groups. #1949

FraanCIB opened this issue Jan 14, 2025 · 3 comments

Comments

@FraanCIB
Copy link

Describe the feature you'd like to request

I want to use LDAP like in version 0.15, where I could identify groups to assign roles to them.

Now, LDAP is not working at all; the connection says it’s incorrect.

Here’s my log:

vbnet
Copiar código
homarr | 2025-01-14T11:46:05.061Z error: Failed to connect to LDAP server
homarr | F: Read more at https://errors.authjs.dev#credentialssignin
homarr | at sg (.next/server/chunks/549.js:375:42991)
homarr | at async s_ (.next/server/chunks/549.js:375:52148)
homarr | at async sk (.next/server/chunks/549.js:375:56408)
homarr | at async d (.next/server/app/api/auth/[...nextauth]/route.js:1:2607) {
homarr | type: 'CredentialsSignin',
homarr | kind: 'signIn',
homarr | code: 'credentials'

Additional information

No response

@SeDemal
Copy link
Collaborator

SeDemal commented Jan 14, 2025

Hi, this means 1 of 3 things.
Wrong BIND_DN, wrong BIND_PASSWORD, or homarr doesn't share any network with the ldap server and therefore cannot reach it.

Make sure that you are using the 2 following env variables: "AUTH_LDAP_BIND_DN" and "AUTH_LDAP_BIND_PASSWORD".
I guess you have used the same values that came from your working v0.15 install, and those should be correct, so check the env variables names, double and triple check the values for them anyway, and make sure the network setup is the same as v0.15.

@FraanCIB
Copy link
Author

The installation is clean following the demo documentation, so the variables should be correct, or at least I think they are. The network is fine, my LDAP server can ping between them without any issues, and I’ve verified that the credentials are correct.

Add the following at the end of the message:

SECRET_ENCRYPTION_KEY=
AUTH_LOGOUT_REDIRECT_URL=
AUTH_PROVIDERS=ldap
AUTH_LDAP_URI=
AUTH_LDAP_BASE=
AUTH_LDAP_BIND_DN=
AUTH_LDAP_BIND_PASSWORD=
AUTH_LDAP_USERNAME_ATTRIBUTE=
AUTH_LDAP_USER_MAIL_ATTRIBUTE=
AUTH_LDAP_SEARCH_SCOPE=sub
AUTH_LDAP_USERNAME_FILTER_EXTRA_ARG=""

@Meierschlumpf
Copy link
Member

Groups can already be added through the onboarding or by just adding a group in user management. One thing that we could definitely improve is showing the error that we get back from ldap in the logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants