gianmarcomurru 2 Posted March 4, 2024 Posted March 4, 2024 Hello! I am trying to configure the LDAP Plugin to work without success. I have an Emby server and my LDAP server deployed as a docker container, they have access to the same docker network. I have ensured that the Emby container can reach the LDAP one successfully. These are my settings on the LDAP Plugin: If I run this from a docker container in the same network (I couldn’t install the required package openldap-clients on the Emby server container). As you see these settings are working here: These are the logs related to the login attempt 2024-03-04 14:59:37.467 Error UserManager: Error authenticating with provider LDAP *** Error Report *** Version: 4.8.1.0 Command line: /system/EmbyServer.dll -programdata /config -ffdetect /bin/ffdetect -ffmpeg /bin/ffmpeg -ffprobe /bin/ffprobe -restartexitcode 3 Operating system: Linux version 6.1.64-Unraid (root@Develop-612) (gcc (GCC) 12.2.0, GNU ld version 2.40-slack151) #1 SMP PREEMPT_DYNAMIC Wed Nov 29 12:48:16 PST 2023 Framework: .NET 6.0.25 OS/Process: x64/x64 Runtime: system/System.Private.CoreLib.dll Processor count: 4 Data path: /config Application path: /system Novell.Directory.Ldap.LdapException: LdapException: Invalid Credentials (49) Invalid Credentials LdapException: Matched DN: Source: LDAP TargetSite: Void ChkResultCode() 2024-03-04 14:59:37.468 Error DefaultAuthenticationProvider: Invalid username or password. No user named alessandro exists 2024-03-04 14:59:37.469 Error UserManager: Error authenticating with provider Default *** Error Report *** Version: 4.8.1.0 Command line: /system/EmbyServer.dll -programdata /config -ffdetect /bin/ffdetect -ffmpeg /bin/ffmpeg -ffprobe /bin/ffprobe -restartexitcode 3 Operating system: Linux version 6.1.64-Unraid (root@Develop-612) (gcc (GCC) 12.2.0, GNU ld version 2.40-slack151) #1 SMP PREEMPT_DYNAMIC Wed Nov 29 12:48:16 PST 2023 Framework: .NET 6.0.25 OS/Process: x64/x64 Runtime: system/System.Private.CoreLib.dll Processor count: 4 Data path: /config Application path: /system System.Exception: System.Exception: Invalid username or password. at Emby.Server.Implementations.Library.DefaultAuthenticationProvider.Authenticate(String username, String password, User resolvedUser) at Emby.Server.Implementations.Library.UserManager.AuthenticateWithProvider(IAuthenticationProvider provider, String username, String password, User resolvedUser, CancellationToken cancellationToken) Source: Emby.Server.Implementations TargetSite: System.Threading.Tasks.Task`1[MediaBrowser.Controller.Authentication.ProviderAuthenticationResult] Authenticate(System.String, System.String, MediaBrowser.Controller.Entities.User) 2024-03-04 14:59:37.470 Warn Server: AUTH-ERROR: 162.154.134.188 - Invalid username or password entered. 2024-03-04 14:59:37.470 Error Server: Invalid username or password entered. Any suggestion? Thank you in advance
Luke 38842 Posted March 4, 2024 Posted March 4, 2024 Hi there, it looks like the ldap server is rejecting the login, no?
gianmarcomurru 2 Posted March 9, 2024 Author Posted March 9, 2024 (edited) On 04/03/2024 at 22:02, Luke said: Hi there, it looks like the ldap server is rejecting the login, no? Seems so but it’s quite hard to debug it. I logged in with the same credentials from a ldap client and I have the same setup on Jellyfin working fine. The LDAP server is reachable and the credentials are correct. Still throw that error, do you have perhaps suggestions on how debug it? Edited March 9, 2024 by gianmarcomurru
Luke 38842 Posted March 18, 2024 Posted March 18, 2024 Are you able to get any logging or debug info from the LDAP server? Also can you try this version of the LDAP plugin? We haven't updated the embedded ldap library in a while, so that's worth a shot: LDAP.zip Thanks.
gianmarcomurru 2 Posted March 20, 2024 Author Posted March 20, 2024 Hey! After debugging more, I found this issue which was the user search filter. Here's the step I ran: Run a container to test LDAP queries: docker run -it --rm ubuntu /bin/bash # add <--network your_ldap_docker_network> if using a custom network Run these to test your query: apt-get update && apt-get install -y ldap-utils ldapsearch \ -x \ -H ldap://authentik_ldap:3389 \ -p 3389 \ -w 'your_password' -D 'cn=bind_username,ou=users,DC=ldap,DC=goauthentik,DC=io' \ -b 'OU=users,DC=ldap,DC=goauthentik,DC=io' \ '(cn=username_of_user_you_are_looking_for)' If you are using Authentik, these are the settings I am using: @Lukethank you very much for your help and patience! 1 1
Haruko Ishikawa 1 Posted August 10, 2024 Posted August 10, 2024 Thanks this methods works great with authentik! Thanks a lot you are a savior xD! Working with LDAP is a pain for real!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now