0

More authentication debug tools and debug mode

Steve Shipway 7 years ago updated by Rafa Orteu 7 years ago 3

Debugging authentication issues is awkward.  It would help to have a Debug mode available for this.  For example, in the LDAP Configuration page, there is a test available, but it does not provide any details as to why a login failed - it could be in bind, search, group, password...  It would be helpful to have details on exactly what was done.  Also, in a "Debug authentication" mode, we could get detailed logs of all logins, so as to be able to track down configuration issues with 2FA and multiple login methods.

Hello Steve. As you are saying, I am not able to get ldap auth working and I can not figure what the problem is. If ldap auth is working for you, could you please give me some advice to configure ldap auth against a bind Server (not ad). Thank you very much.

I have the LDAP auth working here, at last.  I can share what I found out.

* The admin account logs in with the local password, other accounts with the LDAP password

* The local account needs to exist before you can log in with the LDAP.  Disabling the "teampass local users only" option automatically makes the new account, but doesn't fill in name or email address, which means you cant have 2FA until someone sets these.

* I use the "Posix SearchBased" LDAP type, with Account Suffix and Group blank

* The 'test current configuration' doesn't work, although the logins do.  This may be because we have 2FA enabled?



Our system uses email address (smxMailboxAddress) and LDAP password to log in, and we have a special Class attribute (smxMailbox).


It would be really, really good if under "Newly created user is administered by" there were also fields for "populate name from LDAP attribute" and "populate email address from ldap attribute".  Also, "Newly created users are given this role" would be good, and a "Send initial 2FA email to newly created users" checkbox...

Hi Steve,


I've been able to configure ldap connectivity, my issue was that test is not working although I could connect through ldap authentication.


Now I'm not able to find the import button to import from keepass. I'm trying to figure it out.


Thank you very much for your answer.