You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At LDAP authentication users may have "invalid credentials" error when the case of the contact_ldap_dn from LDAP is different from the Centreon database one.
On LDAP side this information is case insensitive so it can change at a LDAP configuration, migration or other maintenance step and it is causing authentication problem even if the user is the correct one.
Steps to Reproduce
To reproduce the issue :
--Log out from Centreon
--Change the user DN case on Centreon database table "contact", field "contact_ldap_dn"
Ex: Change CN=TEST,OU=FR,OU=TEST,o=test,C=FR to CN=TEST,OU=FR,OU=TEST,O=TEST,C=FR
--Try to login again > you should got "invalid credential" error
Describe the received result
"invalid credential" error
Describe the expected result
Be able to login
Logs
PHP error logs
"[17-Apr-2023 17:03:14 Europe/Paris] PHP Notice: Undefined index: ldap_auto_sync in /usr/share/centreon/www/class/centreonLDAP.class.php on line 962"
### Additional relevant information (e.g. frequency, ...)
This bug can be fix by adding function strtolower to make the comparison case insensitive on the /www/class/centreonAuth.LDAP.class.php
--line 117 for 19.04 version:
$this->ldap->findUserDn($this->contactInfos['contact_alias']) !== $this->contactInfos['contact_ldap_dn'] replaced by strtolower($this->ldap->findUserDn($this->contactInfos['contact_alias'])) !== strtolower($this->contactInfos['contact_ldap_dn'])
--line 116 On the master branch:
$userDn !== $this->contactInfos['contact_ldap_dn'] replaced by strtolower($userDn) !== strtolower($this->contactInfos['contact_ldap_dn'])
The text was updated successfully, but these errors were encountered:
Module version
centreon.noarch 19.04.20-4.el7.centos (after checking the concerned file it doesn't seem fix on the last version neither)
Operating System
CentOS 7
Browser used
Version: 111.0.5563.148
Additional environment details (AWS, VirtualBox, physical, etc.):
Virtual machine
Description
At LDAP authentication users may have "invalid credentials" error when the case of the contact_ldap_dn from LDAP is different from the Centreon database one.
On LDAP side this information is case insensitive so it can change at a LDAP configuration, migration or other maintenance step and it is causing authentication problem even if the user is the correct one.
Steps to Reproduce
To reproduce the issue :
--Log out from Centreon
--Change the user DN case on Centreon database table "contact", field "contact_ldap_dn"
Ex: Change CN=TEST,OU=FR,OU=TEST,o=test,C=FR to CN=TEST,OU=FR,OU=TEST,O=TEST,C=FR
--Try to login again > you should got "invalid credential" error
Describe the received result
"invalid credential" error
Describe the expected result
Be able to login
Logs
PHP error logs
"[17-Apr-2023 17:03:14 Europe/Paris] PHP Notice: Undefined index: ldap_auto_sync in /usr/share/centreon/www/class/centreonLDAP.class.php on line 962"
The text was updated successfully, but these errors were encountered: