Unable to register LDAP user
When i succesfully login with an LDAP user i get a form that asks me to review the user (see attached image). When i press "Continue" it just states "Could not register user". The log contains no information apart from this:
27 Replies
This is the LDAP configuration
(It's a Microsoft AD running on Windows Server 2012)
Hello?
@Moderator Is this issue being looked at?
hey @feliwir thanks for question, I am looking into it
hey @feliwir may I know, which doc did you followed to setup LDAP?.
@Rajat we did follow this guide: https://zitadel.com/docs/guides/integrate/identity-providers/openldap
but we don't have an OpenLDAP
I will take a look at it, we did not hear any potential LDAP issues.
“Could not register user” means LDAP entry is missing required attributes (usually email).
Map an attribute that actually exists, delete the broken user and see if you can log in again.
the email is displayed in the blurred screenshot i pasted above though
(correctly displayed)
hey @feliwir good morning, I will try to reproduce this and get back to you
@Rajat were you able to reproduce the issue?
hey @feliwir I didn't but I found out I have tested it back in august, notice what I have written, I think you may have to check your setup again. I just checked my old setup(which works) . when you click on more after LDAP Attributes , do you have values populated(attached my screenshot)?
can you also try running
ldapsearch
those are the only ones i've configured
it was enough to fill the 3 fields atleast
that does work
wdym? Can u share the output? are those values populated?
are those attributes returned with values matches the attribute mapping in ldap IDP?
For me the entry looks like this:
The fully entry like this:
so "uid" does not exist
@Rajat is the output useful to you?
Hey @feliwir good morning, I'll try to set it up Today and give you an update
hey @feliwir I am going to reproduce the issue right now, I will follow along and see if I run into any issues and will update you on it.
hey @feliwir I did made some progress
but with different errors
we have to open an issue anyways as we both are hititng 2 different errors, this was past enteruing username/password which was user01/bitnami1 for me from the doc
ok i made some progress, still not redirecting, very close
ok its working!
woa, great
Sorry i was out for lunch 😄
What was the issue? What did you need to change?
I will attach my docker compose file and the ldif file that I have
my ldap server
my values on the ldap idp
Servers:
ldap://docker-compose-openldap-1:1389
BaseDn: dc=example,dc=com
BindDn: cn=admin,dc=example,dc=com
Bind PW: Password1!
Userbase: dn
User filters: uid
User Object Classes: inetOrgPerson
More (attributes): ID=uid, Display=cn, Email=mail, Given=givenName, Family=sn, Preferred username=uid
can you also try
I dont see your email here, but check if there's a duplicate email(matches with the one blurred in this screenshot)
until here, strartibg from my files shared , THIS setup works for me, I just did deploy(as you can see above) and it all works, I didnt hit any issues apart from could not start LDAP flowHm, i wonder if this is related to being a Microsoft AD
I fixed it
the error was that the checkbox for "Create user if not exists" wasn't set....
However there is a bug that the checkbox unchecks itself randomly
🎉 Looks like you just helped out another community member! Thanks for being so helpful <@279655433726066688>! You're now one step closer to leveling up—keep up the amazing peer support! 🚀
hey @feliwir pls open an issue https://github.com/zitadel/zitadel/issues and I will inform the engineering team