[ZendTo] AD Authentication Issue

RICARDO ARAÚJO POPOIRE WANDERLEY ricardo.araujo at modal.com.br
Wed Jan 9 19:53:09 GMT 2019


Hi Ken

I’m using CN because I need to allow users only from specify group.

Even without “domain\user” I get this issue.  LDAP auth doesn’t working, I get LDAP error.

Ldapsearch is OK and I can bind normally.

Could you send an example of your conf for LDAP auth?

Thanks!

At.te
Ricardo Araujo
21 3223 7944

From: Ken Etter <KLE at msktd.com>
Sent: quarta-feira, 9 de janeiro de 2019 17:43
To: ZendTo List <zendto at zend.to>
Cc: RICARDO ARAÚJO POPOIRE WANDERLEY <ricardo.araujo at modal.com.br>
Subject: Re: [ZendTo] AD Authentication Issue

I authenticate against LDAP, not AD.  I'm not AD knowledgeable, so just throwing out some random thoughts...

Are you sure that your authLDAPBaseDN1 is correct?  I'm used to seeing OU or O in there, and I know AD uses DC, but is CN correct?
Should authLDAPBindUser1 have "org\" in front of the username?
>>> RICARDO ARAÚJO POPOIRE WANDERLEY via ZendTo <zendto at zend.to<mailto:zendto at zend.to>> 1/9/2019 2:31 PM >>>
Guys,

Any update on this?

At.te
Ricardo Araujo
21 3223 7944

From: RICARDO ARAÚJO POPOIRE WANDERLEY
Sent: terça-feira, 8 de janeiro de 2019 15:46
To: ZendTo Users <zendto at zend.to<mailto:zendto at zend.to>>
Subject: AD Authentication Issue

Hi Folks

We are facing an issue with AD authentication. When I set AD mode I can logged in even if I try to do this with an user that doesn’t exists in my AD environment.

It seems to Zendto is bypassing and accepting users to login with any account and password.

Preferences.php is configured as bellow:

  'authenticator'             => 'AD',
    'authLDAPServers1'          => array('xxx.xxx.xxx.xxx'),
    'authLDAPBaseDN1'           => array('CN=XXX,DC=XXXX,DC=XXX,DC=XXX'),
    'authLDAPAccountSuffix1'    => '@xxxx.xxx.xxx',
    'authLDAPUseSSL1'           => false,
  //'authLDAPUseTLS1'           => false,
    'authLDAPBindUser1'         => 'org\svc_zendto',
    'authLDAPBindPass1'         => 'password’,
  //'authLDAPMemberKey'         => '',
  //'authLDAPMemberRole'        => '',
    'authLDAPOrganization1'     => 'org',

Ldapsearch Works fine.

Could you help me with this?

Zendto Version: 5.15-1
Php Version: PHP 7.2.13 (cli) (built: Dec  6 2018 15:54:38) ( NTS )


Thanks in advance

[http://www.modal.com.br/emailmkt/marca-assinatura.jpg]<https://modal.com.br/html/index.php>



RICARDO ARAUJO POPOIRE WANDERLEY







Tels. 55 21 3223 7944 | 7700
Cel.  55 21 99477 6779
Fax   55 21 3223 7738









[cid:image002.png at 01D4A843.D9E1DC00]

A impressão consciente gera economia e responsabilidade com o meio ambiente


Atenção: Esta comunicação deve ser lida apenas pelo seu destinatário e não pode ser retransmitida sem autorização formal. Se esta mensagem tiver sido recebida indevidamente, por favor destrua-a e retire-a de seu computador.
Qualquer reprodução, disseminação, alteração, distribuição e/ou publicação deste e-mail é estritamente proibida.



Notice of Confidentiality: This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. If you have received this e-mail message in error, please destroy it and delete it from your computer.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20190109/96958596/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 6558 bytes
Desc: image001.jpg
URL: <http://jul.es/pipermail/zendto/attachments/20190109/96958596/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 2270 bytes
Desc: image002.png
URL: <http://jul.es/pipermail/zendto/attachments/20190109/96958596/attachment-0001.png>


More information about the ZendTo mailing list