Create Ldap user directly at Teampass DB and restrict login to Group Ldap don't work #1539
Comments
Any help? Issues:
Is there any configuration to tell Teampass to create the LDAP user at the first login if it doesn't exist in the DB? Did anybody manage to restrict by LDAP group? Thanks.

I have read this issue: in version v2.1.25 a feature was implemented to create a user in the Teampass DB directly when the user who tries to log in doesn't exist within the DB. It seems that in v.2.1.26 it is not implemented? Thanks.

I have set "Teampass local users only" off in "LDAP settings" and when I try to access with an LDAP user which doesn't exist in the Teampass DB it gets an infinite load looping. Firebug says: 500 Internal Server Error but no errors. In the server logs:

[Tue Nov 01 11:51:10.122572 2016] [:error] [pid 29913] [client X.X.X.X:22602] PHP Fatal error: Call to a member function user() on null in /var/www/html/teampass/sources/identify.php on line 395, referer: https://xxxxxxx/index.php?page=items

Thanks.

I have this exact same issue with the latest Teampass version. (Actually I don't know if this worked in previous versions.) I use OpenLDAP and it doesn't matter if the user belongs to a group or not. As long as the bind user is able to browse the root it will just create the user in the local TP DB, and after that, LDAP is no longer used for authentication and TP will use the local DB for authentication.

The user was able to log in using LDAP even if he was not in the required group.
See this pull request for a solution: #1742

Steps to reproduce
Expected behaviour
LDAP login should work.
1- Teampass should create the LDAP user in the database at the first LDAP login attempt.
2- The LDAP group filter should work too. If the LDAP user exists in the People OU but doesn't exist in the Teampass LDAP group then the LDAP login should not be successful; however, if the user exists in both it should be successful.
Actual behaviour
If the LDAP user doesn't exist in the Teampass DB in advance, LDAP login doesn't work.
If the LDAP user exists in the Teampass DB in advance, LDAP login works but the LDAP group filter doesn't work.
Regarding the group filter, if the LDAP user exists in the People OU but doesn't exist in the Teampass LDAP group, the LDAP login is successful too; the user should exist in both to be successful.
Server configuration
Operating system: Centos7
Web server: Apache 2.4
Database: mysql 5.7
PHP version: PHP 5.6
Teampass version: v.2.1.26 (final release)
Updated from an older Teampass or fresh install: Fresh Install
Client configuration
Browser: Chrome Version 53.0.2785.143 (64-bit)
Operating system: Mac
Logs
LDAP log
Webserver log
No errors.
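
The login order this report expects (bind as the user, require the group, and only then create the local record), modelled as an added example that is not Teampass code and not part of the original issue. The in-memory directory, the DNs, the `local_users` table and all function names are constructed assumptions standing in for real LDAP calls.

```python
# Constructed sample data: an in-memory stand-in for the LDAP directory.
PEOPLE_BASE = "ou=People,dc=example,dc=org"
REQUIRED_GROUP = "cn=teampass,ou=Groups,dc=example,dc=org"
DIRECTORY = {
    f"uid=alice,{PEOPLE_BASE}": "alice-pw",
    f"uid=bob,{PEOPLE_BASE}": "bob-pw",
}
GROUPS = {REQUIRED_GROUP: {f"uid=alice,{PEOPLE_BASE}"}}
local_users = {}  # hypothetical local user table of the application


def ldap_bind(login, password):
    """Stand-in for binding as the user's own DN; returns the DN or None."""
    # Refuse an empty password up front: in LDAP a simple bind with an empty
    # password is an unauthenticated bind, which some servers report as success.
    if not password:
        return None
    dn = f"uid={login},{PEOPLE_BASE}"
    return dn if DIRECTORY.get(dn) == password else None


def in_required_group(dn):
    """Stand-in for a group search (is dn a member of REQUIRED_GROUP?)."""
    return dn in GROUPS.get(REQUIRED_GROUP, set())


def handle_login(login, password):
    """Authenticate, then authorize, then provision. Runs on every login."""
    dn = ldap_bind(login, password)
    if dn is None:
        return "denied: bad credentials"
    if not in_required_group(dn):
        # Fail closed and drop any local row left from an earlier login, so
        # the account cannot fall back to local-database authentication.
        local_users.pop(login, None)
        return "denied: not in required group"
    # Only now create the local record, marked as LDAP-backed so the
    # directory stays the authority for later logins.
    local_users.setdefault(login, {"auth": "ldap", "dn": dn})
    return "ok"


if __name__ == "__main__":
    for user, pw in [("alice", "alice-pw"), ("bob", "bob-pw"), ("alice", "")]:
        print(user, "->", handle_login(user, pw))
```

Because the group check runs on every login rather than only at first provisioning, removing a user from the group takes effect at their next attempt.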