Reputation: 1391
Bugzilla 4.2.4 - Logging in with LDAP credentials
I went through the Bugzilla install.
Created the Admin account and password at the end of the install.
Logged in to Bugzilla and went through the configuration guide.
Set the User Authentication to use LDAP.
Went to the LDAP section and set all the values accordingly.
I have a small number of users that will be using Bugzilla. I want them to be able to log in to Bugzilla using their LDAP credentials. So they will have fewer passwords to remember.
I am going to create the users accounts.
For username, I put in thier LDAP ID and make up a standard password.
new user = [email protected] password = asdasdasd
Save the user.
Now I have them try and log in to Bugzilla using LDAP credentials.
LDAP ID = [email protected] LDAP Password = ldappassword
They get the error: The username or password you entered is not valid.
I know all the LDAP variables are correct. Also LDAP is not throwing a errors.
So I am assuming it must be something in Bugzilla.
- Is it correct that users can log in to Bugzilla using their LDAP id and password?
- Does the Bugzilla password only matter if they are logging in to the DB not using LDAP?
- When I create the new user, should I be setting the account to use LDAP somehow?
Upvotes: 1
Views: 3931
Answers (2)
Reputation: 1
This is quite tricky and I didnot see good documentation on it What you need to do is
- as administrator in bugzilla:
- go Administration/User Authentication
- move in user_verify_class the LDAP up to the active side
- go Administration/LDAP
- set correct LDAPserver, eg localhost:10389
- set LDAPBaseDN to the partition you created on the LDAP server, eg "dc=sevenseas".
- set LDAPuidattribute to "cn" if your entries in the sevenseas partition contain something in which the dc field contains the user name with which he will log in
I used this ldif (which is different from the one presented on the Apache Directory Studio LDAP):
File captain_hook.ldif
dn: dc=sevenseas objectclass: organizationalUnit objectclass: top ou: people
dn: cn=James Hook,dc=sevenseas objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person objectclass: top cn: James Hook description: A pirate captain and Peter Pan's nemesis sn: Hook mail: jhook@neverland userpassword: peterPan
I think that's it. Now users in bugzilla can log in using the name "James Hook" (the cn field) and the password peterPan. Notice that the password will be encrypted on the LDAP server so you can't recover it
Just a beginner myself, maybe an expert has a better way
Upvotes: 0
Reputation: 738
When using the LDAP auth type the users will be created automatically by Bugzilla upon first login.
- Yes that's correct
- Yes, you should not have to give them a password or manually setup an account for them in bugzilla
- You should not manually create the user in Bugzilla. See here 3.2.2.4. Deleting Users and then try logging them in
One of the troubles I ran into is that the users must have a 'valid' (of form [email protected]) email in the 'mail' field of the LDAP server.
Upvotes: 3
Related Questions
- ldapsearch: Invalid credentials
- Bugzilla 5.0 REST API Authentication in headers
- Symfony Login with LDAP
- Symfony 3.2 ldap authentication issue
- LDAP Authentication not working for login page
- LDAP Authentication Issue
- ldap authentication issue with the right credentials
- Bugzilla 4.2.4 - Turning Off LDAP authentication
- LDAP Authentication in limesurvey
- Bugzilla missing super user information