Gitea LDAP not working

Install/Maintain/Configure

dicki November 29, 2023, 4:38am 1

Hello Gents,

I have tried multi different way but cannot get AD ldap working with Gitea. This should be simple. My AD ldap work for bitbucket, gitlab, and may others.

I have no clue how to get it work for gitea Please help. Below is my config

Authentication Type LDAP (via BindDN)
Authentication Name: LDAPs
Security Protocol: Unencrypted
Host: ad.testme.local
Port: 389
Bind DN: CN=svcgiteaLDAP,OU=Service,DC=testme,DC=local
Bind Password ••••••••••••••••••••
User Search Base: OU=Users,DC=testme,DC=local
User Filter: (&(objectCategory=Person)(sAMAccountName=%s))
Admin Filter:
Restricted Filter:
Username Attribute:
Leave empty to use the username entered in Gitea or tried with sAMAccountName still not work
First Name Attribute: givenName
Surname Attribute: sn
Email Attribute: mail

Thanks,

dominotec January 4, 2024, 2:04pm 2

Hi,

I think, the problem is the Gitea LDAP (via BindDN) User Search Base configuration. Please change the User Search Base configuration from OU=Users,DC=testme,DC=local to DC=testme,DC=local.

After these change, please check your Gitea user login (User Management, User Account, Auth: LDAP-BindDN) with YourUserName@testme.local and your Active Directory password on the Gitea Website. We have the same LDAP / AD-Configuration with another domain. Example logfile (Log = Trace, App.ini). The rest of your configuration looks like good.

# Logfile (Log = Trace)
2024/01/04 14:35:01 ...dap/source_search.go:292:SearchEntry() [T] LDAP will use BindDN.
2024/01/04 14:35:01 ...dap/source_search.go:302:SearchEntry() [T] Bound as BindDN CN=XXX,OU=XXX,OU=XXX,DC=XXX,DC=local
2024/01/04 14:35:01 ...dap/source_search.go:79:findUserDN() [T] Search for LDAP user: testuser
2024/01/04 14:35:01 ...dap/source_search.go:87:findUserDN() [T] Searching for DN using filter (&(objectCategory=Person)(sAMAccountName=testuser)) and base DC=XXX,DC=local
2024/01/04 14:35:01 ...dap/source_search.go:139:bindUser() [T] Binding with userDN: CN=testuser,OU=User,OU=XXX,DC=XXX,DC=local
2024/01/04 14:35:01 ...dap/source_search.go:145:bindUser() [T] Bound successfully with userDN: CN=testuser,OU=XXX,OU=XXX,DC=XXX,DC=local
2024/01/04 14:35:01 ...dap/source_search.go:340:SearchEntry() [T] Fetching attributes '', 'givenName', 'sn', 'mail', '', '', '' with filter '(&(objectCategory=Person)(sAMAccountName=testuser))' and base 'CN=testuser,OU=User,OU=XXX,DC=XXX,DC=local'

Gitea: Gitea Version 1.21.3 | VM | Test | Win

dominotec