Announcement

Collapse
No announcement yet.

Regular User login doesn't seem to work with LDAP integration

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Regular User login doesn't seem to work with LDAP integration

    I have Users setup and LDAP integration working.

    If I set the User to Administrator, they can login.

    If I change them to Regular, they cannot.

    If I change them back to Administrator they can.

    Would be really helpful to have Regular users because currently making everyone Administrators is risky, and recreating everything in a Portal would be significantly increasing the setup work.
    Tags: None
  • #2
    There's a line in the log (/run/espocrm/logs/espocrm.log): LDAP: Authentication failed for user [test], details: user is not found.

    Comment

    • #3
      I wonder if it might be from setting some users up just in EspoCRM and not adding them as LDAP users as well?

      When LDAP Integration is used, it seems I can add EspoCRM Users, without adding them to the LDAP server as well, and they can login if set as Administrators - but not if I then change them to Regular.

      Comment

      • #4
        Hello Marcus,
        It seems that you have a bad configuration. I doubt that you are even able to log in as an LDAP user. I think you are still connecting as an EspoCRM Admin user.
        Thanks to EspoCRM logic, if the connection to the LDAP users is bad, or the system can't establish the connection with LDAP server, it allows you to log in by an 'Espo' authentication method.

        Please enable the DEBUG mode as described here https://docs.espocrm.com/administrat...e-for-a-logger.
        Then try to log in and check an EspoCRM log file.
        If you will face something like:
        Code:
        INFO: LDAP: Administrator [admin] was [COLOR=#e74c3c]logged in by Espo method[/COLOR]. [] []
DEBUG: User [admin] is found with this DN []. [] []
        It will mean that Login as LDAP user is failed and you logged by an Espo Auth method.

        • Likes 1

        Comment

        • marcusquinn
          #4.1
          marcusquinn commented
          03-03-2021, 03:29 PM
          Editing a comment
          Thanks, I think I have it solved. It seems that if creating a user in Espo then it will allow login as Admin with just an Espo users but not as Regular, in which case the user also needs to have an LDAP account. Which is fine, just something I need to remember when setting people up, after-all the point of LDAP is centralising User managment, so best to stick to just one or the other and not mix. Thanks for the pointers!
      Previous template Next
      Working...
      X