LDAP Authorisation

Please post here if you have problems in using Wing FTP Server.
Post Reply
StenAaboHansen
Posts: 40
Joined: Mon Feb 09, 2015 8:50 pm

LDAP Authorisation

Post by StenAaboHansen »

I am trying to configere LDAP authorisation but cant get it to function.

The configuration look like
HOST: aaa.bbb.cc (my AD domain name)
PORT: 389 (my LDAP portnumber)
BASE DN: dc=aaa,dc=bbb,dc=cc (LDAP string to my AD Domain)
User Filter: (&(objectClass=user)(sAMAccountnam=%s))
LDAP version: 3

The connection test return: Connect to LDAP server succesfully!

but when i try to connect from a webclient i get the following error in the WINGFTP Server's Domain Log

[14] sat,25 Jul 2015 16:16:40 An error occurs when doing LDAP::ldap_search s.Error code=1
[06] sat 25 Jul 2015 16:16:40 (00000000) User 'xxxxxxx' login failed (IP:xx.xx.xx.xx)

Looking up the errorcode it says LDAP_OPERATIONS_ERROR, but it dos not HELP me ?
eruiz
Posts: 3
Joined: Tue Apr 21, 2015 2:59 pm

Re: LDAP Authorisation

Post by eruiz »

I had major issues with this as well. The documentation wing ftp has isn't very good. First try doing this. Use port 3268, if that doesn't work change your user filter to: (&(objectClass=user)(sAMAccountName=%s))

Finally, if that doesn't work change your Bind DN to:

CN=LDAP,OU=XXX,DC=XXX,DC=XXX

Also note, that you'll need to map your AD account to a local user to make sure it's working. Don't try a group just yet. That can be a pain as well. Map a user then go from there. Note, you just need the username and not domain\username or username@domain. The example here would redirect the ldap user bsmith to the local profile of admin "bsmith:admin".

For groups, you can't just call out the ldap group. That's false. you have to use the entire CN pathing. An example of that would be for domain admins to point to the local profile of admin: CN=Domain Admins,CN=Users,DC=XXX,DC=XXX:admin

Hope that helps!
Post Reply