LDAP Authentication

tnt944445 · 11 December 2022 18:40

OS Name/Version: 20.04.5 LTS (Focal Fossa)

Product Name/Version: AMP Release “Halimede” v2.4.0.10, built 27/10/2022 18:15

Problem Description: LDAP Authentication

I am using a Network Standard license which should support using LDAP auth.

A couple issues.

When I start the server it leaves Login.UseLDAPLogins=True, but clears Login.LDAPAuthDomain= making it blank.
I’ve setup many LDAP services before and I’ve never had one just ask for “AuthDomain”. I need to be able to set the IP, port, Bind User, and Base DN for the LDAP server. If this is meant to be installed on a Windows server that is joined to a domain the documentation needs to be updated to reflect that.

Mike · 13 December 2022 17:51

It’s expecting a DNS entry that resolves to the address of the LDAP server when not using Active Directory.

vlandarr · 27 July 2023 15:48

I had that same issue.

In the logs it shows:

[15:28:56] [Logger Info]          : LDAP authentication unavailable - no licence present that permits this feature.

So I had to follow the steps in this article:
Configuring AMP for Enterprise or Network Usage

Unfortunately after that point, I can no longer log into the instance, either with LDAP users or the original user I set the system up with. ampinstmgr resetlogin does not work reset the login so I’m effectively locked out of the system

Mike · 27 July 2023 18:54

Disable LDAP in AMPConfig.conf then use ResetLogin - the next update has some changes to how LDAP behaves to work with more LDAP providers in line with this issue: LDAP SSO: Change how AMP passes the username and filter to the LDAP server. · Issue #903 · CubeCoders/AMP · GitHub

vlandarr · 28 July 2023 22:56

Thanks. I ended up doing a reinstall shortly after, since I had just installed a few days ago. Learned after that I couldn’t have both LDAP and direct users. Good to know more features are coming for LDAP integration… definitely not necessary in my case, but definitely a nice-to-have.