question

BrettSh-0485 asked ·

Have Working LDAPS Service Account, So, Why Can't I Use That Account to Log In Users

I have set up LDAPS by basically following these steps:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps

Plus, I have created a service account that allows me to extract user information.

The client stack is Linux, NGINX, PHP Drupal CMS.

If I create a query within Drupal with the following parameters, I get one correct result:
base_dn_str = DC=myname,DC=onmicrosoft,DC=com
filter = (&(objectClass=user)(userprincipalname=member1@myname.onmicrosoft.com))

So, service account binding and user principal name must be OK.

However, I can't use the service account to log in as member1 (or any other) user. I've got the Drupal log setting at debug and this is what I see:
...
member1@myname.onmicrosoft.com : Trying server ldapserver where bind_method = 1. Error: Success
member1@myname.onmicrosoft.com : Authentication result id=0 auth_result=3 (Sorry, unrecognized username or password.)
...

The username (member1@myname.onmicrosoft.com) is valid and I've tested the password elsewhere, so I know that is correct.

I posted a question about this on the Drupal forum a week ago, but haven't had a response.

Any suggestions?

Thank you in advance.

Regards

BrettSh

azure-ad-domain-services

1 Answer

FrankHuMSFT-4825 answered ·

Hey @BrettSh-0485, it looks like you're using the CN, but per this Drupal post:
https://www.drupal.org/project/ldap/issues/2062933
you actually should be using the uid. Can you try using the UID for your Drupal LDAPS connection and see if that works properly?

This looks like it must be some sort of issue with Drupal to LDAPS configuration.

If that doesn't work, try getting a network trace or posting this on the Drupal Forums for more engagement as this is an issue with the Drupal CMS LDAP config.
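
To separate a directory problem from a Drupal configuration problem, the generic service-account login flow (bind as the service account, look up the user, then bind as the user's DN) can be reproduced outside Drupal. This is an added example, not part of the answer above and not the Drupal LDAP module's code; the host name, the service account name and the two environment variables are placeholders.

```php
<?php
// Added diagnostic example. LDAP_URI and SVC_DN are placeholders; BASE_DN and
// the search filter are the ones quoted in the question.
const LDAP_URI = 'ldaps://ldaps.example.com:636';        // placeholder host
const SVC_DN   = 'svc-ldap@myname.onmicrosoft.com';      // placeholder account
const BASE_DN  = 'DC=myname,DC=onmicrosoft,DC=com';

function ldapOpen()
{
    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    return $conn;
}

function checkLogin(string $upn, string $password, string $svcPassword): string
{
    // A simple bind with an empty password is an unauthenticated bind that a
    // server may accept as anonymous (RFC 4513, 5.1.2); never count it as a login.
    if ($password === '') {
        return 'rejected: empty password';
    }
    // Step 1: bind as the service account.
    $svc = ldapOpen();
    if (!@ldap_bind($svc, SVC_DN, $svcPassword)) {
        return 'service bind failed: ' . ldap_error($svc);
    }
    // Step 2: find the user's DN. Escape the value so it cannot alter the filter.
    $filter = '(&(objectClass=user)(userPrincipalName='
            . ldap_escape($upn, '', LDAP_ESCAPE_FILTER) . '))';
    $res = @ldap_search($svc, BASE_DN, $filter, ['userPrincipalName']);
    $entries = $res ? ldap_get_entries($svc, $res) : ['count' => 0];
    ldap_unbind($svc);
    if ($entries['count'] !== 1) {
        return 'lookup failed: ' . $entries['count'] . ' entries matched';
    }
    // Step 3: bind as the user on a fresh connection with the user's password.
    $user = ldapOpen();
    $ok   = @ldap_bind($user, $entries[0]['dn'], $password);
    $msg  = $ok ? 'login ok for ' . $entries[0]['dn']
                : 'user bind failed: ' . ldap_error($user);
    ldap_unbind($user);
    return $msg;
}

if (PHP_SAPI === 'cli' && isset($argv[1])) {
    echo checkLogin($argv[1], getenv('LDAP_USER_PW') ?: '', getenv('LDAP_SVC_PW') ?: ''), PHP_EOL;
}
```

Run it from the web server host so it uses the same network path and certificate trust as Drupal. The returned message shows which of the three steps fails.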
