LDAP bind failing

[jacksonp2008]

Using the latest Docker with .env and LDAP set to:

# LDAP Settings
LDAP_SERVER=10.80.99.120:389
LDAP_BASE_DN=OU=Employees,DC=lab,DC=xxxx,DC=com
LDAP_DN='CN=read-only,OU=Service Accounts,DC=lab,DC=xxxxx,DC=com'
LDAP_PASS=supsersecretpassword
#LDAP_DN=false
#LDAP_PASS=false
LDAP_USER_FILTER=(&(samaccountname=${user}))
LDAP_VERSION=2
LDAP_EMAIL_ATTRIBUTE=url

I can see the application contact the LDAP server (AD) & packets show up on wireshark. (bindrequest, bindresponse)

From the app log is see:

in Ldap.php line 94
at HandleExceptions->handleError(2, 'ldap_bind(): Unable to bind to server: Invalid credentials', '/var/www/bookstack/app/Services/Ldap.php', 94, array('ldapConnection' => resource, 'bindRdn' => '\'CN=read-only,OU=Service Accounts,DC=lab,DC=xxxx,DC=com\'', 'bindPassword' => 'supsersecretpassword'))

Note this combination of Base_DN, LDAP_DN, PASS are working on an older, non-docker version of bookstack at this time as well as other applications in my environment. I also tried to connect with a local LDAPMANAGER application using these credentials and it also works fine.

Thanks!

[ssddanbrown]

@jacksonp2008 Have you tried removing the quotes around your LDAP_DN option?

[jacksonp2008]

I did and it gave me an error saying:

bookstack_1  |   [Dotenv\Exception\InvalidFileException]                        
bookstack_1  |   Dotenv values containing spaces must be surrounded by quotes.  

However, based on that idea, I placed double quotes around both:

LDAP_BASE_DN="OU=Employees,DC=lab,DC=xxxx,DC=com"
LDAP_DN="CN=read-only,OU=Service Accounts,DC=lab,DC=xxxx,DC=com"

and it started to work.

Well done -- I'm up and running.

[ssddanbrown]

@jacksonp2008 Awesome, Glad you got it working