LDAP loguin not working

Hi! I have been reading about this issue but i can’t make it work.
I have my LDAP configuration set, the test via Test Server Connetion button is working fine, and when i look for user in the Login Test area i get a User Found (OK) but when the user tries to login is getting a “Invalid Credentials, please verify them and retry”. The strange thing is that i am loged with my AD user and password without issues.
Do i have to create the user in the Authentication -> Users area? Or should it create by itself with the first login?
My graylog version is v3.2.1.
Do you need any other information?

Please post your LDAP configuration in Graylog…

Here goes. Group mapping is empty, and the server address is the real one in my config.

  1. If you use Active Directory and not normal LDAP (like OpenLDAP), change Server Type to Active Directory
  2. If you care about security always use secure connection to LDAP server, otherwise all password are send with plain text. Check SSL or StartTLS based of type your LDAP support, and change port to 636
  3. Check if your Search Base DN contains also your System Username bind and your users, better is to use lower LDAP tree structure, for example DC=domain,DC=net
  4. Your User Search Pattern doesn’t use filter only for users, so it can include also another objects like groups, mail accounts and so on. Use rather filter like this which include user members of group Graylog_users:
  5. I always try to use filter using AD mmc filter or powershell to check if it works, only remove part (sAMAccountName={0})

Hope it helps

Its working now, thanks!
I changed to Active Directory (1) and changed the Search Base DN (3) to a wider OU.
About 4 i changed to the one you proposed but didnt work, i used the one that was already configured, and i will check the article in depth because i now little about the AD service and the queries.
Thanks for the information and the assistance.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.