[ZendTo] AD Authentication Issue

Ken Etter KLE at msktd.com
Wed Jan 9 19:42:54 GMT 2019 

I authenticate against LDAP, not AD.  I'm not AD knowledgeable, so just
throwing out some random thoughts...

Are you sure that your authLDAPBaseDN1 is correct?  I'm used to seeing
OU or O in there, and I know AD uses DC, but is CN correct?
Should authLDAPBindUser1 have "org\" in front of the username?
>>> RICARDO ARAÚJO POPOIRE WANDERLEY via ZendTo <zendto at zend.to>
1/9/2019 2:31 PM >>>
Guys, 
 
Any update on this?
 
At.te
Ricardo Araujo
21 3223 7944
 
From: RICARDO ARAÚJO POPOIRE WANDERLEY
Sent: terça-feira, 8 de janeiro de 2019 15:46
To: ZendTo Users <zendto at zend.to>
Subject: AD Authentication Issue
 
Hi Folks
 
We are facing an issue with AD authentication. When I set AD mode I can
logged in even if I try to do this with an user that doesn’t exists in
my AD environment.
 
It seems to Zendto is bypassing and accepting users to login with any
account and password.
 
Preferences.php is configured as bellow:
 
  'authenticator'  		   => 'AD',
    'authLDAPServers1' 		 => array('xxx.xxx.xxx.xxx'),
    'authLDAPBaseDN1' 		  =>
array('CN=XXX,DC=XXXX,DC=XXX,DC=XXX'),
    'authLDAPAccountSuffix1'    => '@xxxx.xxx.xxx',
    'authLDAPUseSSL1' 		  => false,
  //'authLDAPUseTLS1'   	    => false,
    'authLDAPBindUser1' 	    => 'org\svc_zendto',
    'authLDAPBindPass1' 	    => 'password’,
  //'authLDAPMemberKey'   	  => '',
  //'authLDAPMemberRole'		=> '',
    'authLDAPOrganization1'     => 'org',
 
Ldapsearch Works fine.
 
Could you help me with this?
 
Zendto Version: 5.15-1
Php Version: PHP 7.2.13 (cli) (built: Dec  6 2018 15:54:38) ( NTS )
 
 
Thanks in advance
 

  
RICARDO ARAUJO POPOIRE WANDERLEY
 
 
Tels. 55 21 3223 7944 | 7700
Cel.  55 21 99477 6779
Fax   55 21 3223 7738 
 
 
 
 
 

A impressão consciente gera economia e responsabilidade com o meio
ambiente 

Atenção: Esta comunicação deve ser lida apenas pelo seu destinatário e
não pode ser retransmitida sem autorização formal. Se esta mensagem
tiver sido recebida indevidamente, por favor destrua-a e retire-a de seu
computador.
Qualquer reprodução, disseminação, alteração, distribuição e/ou
publicação deste e-mail é estritamente proibida. 
 
Notice of Confidentiality: This document should only be read by those
persons to whom it is addressed and is not intended to be relied upon by
any person without subsequent written confirmation of its contents. If
you have received this e-mail message in error, please destroy it and
delete it from your computer.
Any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication of this e-mail message is
strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20190109/f97abc3e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: IMAGE.jpg
Type: image/jpg
Size: 6558 bytes
Desc: JPEG image
URL: <http://jul.es/pipermail/zendto/attachments/20190109/f97abc3e/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: IMAGE.png
Type: image/png
Size: 2270 bytes
Desc: Portable Network Graphics Format
URL: <http://jul.es/pipermail/zendto/attachments/20190109/f97abc3e/attachment-0001.png>

More information about the ZendTo mailing list