jthomelab 0 Posted August 3, 2018 Posted August 3, 2018 I'm having a hard time getting Emby to connect with LDAP through Active Directory. I created a user to use as the Bind DN with a password using no SSL and the default ldap port of 389 (screenshot attached), but when attempting to log in with that very same user (which I've verified can log into the domain), I get the "Invalid username or password. Please try again" message. Looking at the logs, it sayd that it's an error authenticating with provider LDAP: 2018-08-03 10:55:40.158 Error UserManager: Error authenticating with provider LDAP *** Error Report *** Version: 3.5.2.0 Command line: C:\Users\administrator\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows NT 6.2.9200.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 5 Program data path: C:\Users\administrator\AppData\Roaming\Emby-Server\programdata Application directory: C:\Users\administrator\AppData\Roaming\Emby-Server\system System.Exception: Login failed - user not found. at LDAP.AuthenticationProvider.Authenticate(String username, String password) at Emby.Server.Implementations.Library.UserManager.AuthenticateWithProvider(IAuthenticationProvider provider, String username, String password, User resolvedUser) System.Exception at LDAP.AuthenticationProvider.Authenticate(String username, String password) at Emby.Server.Implementations.Library.UserManager.AuthenticateWithProvider(IAuthenticationProvider provider, String username, String password, User resolvedUser) Am I missing something in the setup? The only thing I've obfuscated in the log is my domain name. This is running on Server 2016, and I'm not sure if that causes any problems.
Luke 42085 Posted August 3, 2018 Posted August 3, 2018 Unfortunately there's nothing obvious here. Are you sure the user search base you entered is correct?
jthomelab 0 Posted August 3, 2018 Author Posted August 3, 2018 (edited) That's really the only OU I have in my Active Directory for Users. Is it possible to leave that blank and allow it to search all of AD? Edit: Although I just tried that and had the same error. Emby log from the attempt: 2018-08-03 12:43:14.838 Error UserManager: Error authenticating with provider LDAP *** Error Report *** Version: 3.5.2.0 Command line: C:\Users\administrator.\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows NT 6.2.9200.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 5 Program data path: C:\Users\administrator.\AppData\Roaming\Emby-Server\programdata Application directory: C:\Users\administrator.\AppData\Roaming\Emby-Server\system LdapException: No Such Object (32) No Such ObjectLdapException: Server Message: 0000208D: NameErr: DSID-0310021B, problem 2001 (NO_OBJECT), data 0, best match of: ''�LdapException: Matched DN: Novell.Directory.Ldap.LdapException at Novell.Directory.Ldap.LdapResponse.chkResultCode() at Novell.Directory.Ldap.LdapSearchResults.Next() at LDAP.AuthenticationProvider.Authenticate(String username, String password) at Emby.Server.Implementations.Library.UserManager.AuthenticateWithProvider(IAuthenticationProvider provider, String username, String password, User resolvedUser) So it seems it's not finding the DN for the account I'm using? I'll attach the results of Get-ADUser to this post. Again, only obfuscating the domain name. Edited August 3, 2018 by jthomelab
jthomelab 0 Posted August 14, 2018 Author Posted August 14, 2018 I would love if someone had more insight on this; I've tested the public ldap server at ldap.forumsys.com and it connects fine. I've verified that my domain controller is using port 389 for ldap and that its firewall is disabled, confirmed the credentials of the bind DN and given it read access to all of Active Directory. Outside of Emby, authentication is working normally across my domain.
Luke 42085 Posted August 14, 2018 Posted August 14, 2018 @@James W may have some active directory tips. thanks !
MathewW_MNF 1 Posted August 30, 2018 Posted August 30, 2018 I would love if someone had more insight on this; I've tested the public ldap server at ldap.forumsys.com and it connects fine. I've verified that my domain controller is using port 389 for ldap and that its firewall is disabled, confirmed the credentials of the bind DN and given it read access to all of Active Directory. Outside of Emby, authentication is working normally across my domain. Hi, I'd love to know if you resolved this? I'm having issues with using Emby and LDAP auth as well, it doesn't seem to be able to find the users.
Luke 42085 Posted August 30, 2018 Posted August 30, 2018 @@softworkz and @@James W may have some tips. 1
FelR 0 Posted September 20, 2018 Posted September 20, 2018 (edited) When using Microsoft Active Directory under user search filter you have to replace uid with sAMAccountName The bind account must also have the "Read MemberOf" permission enabled, but this is default for users in the domain users group. Edited September 20, 2018 by FelR
jthomelab 0 Posted September 21, 2018 Author Posted September 21, 2018 That solved my issue. Thank you very much for the information!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now