LDAP integration issue

JayG30 · June 19, 2018, 8:05pm

Testing out LDAP integration to Active Directory (samba4 actually). The way we structure our active directory for user accounts is like;

OU=accounts
|---OU=IT
|      |---CN=user1
|      |---CN=user2
|---OU=Manufacturing
       |---CN=user3
       |---CN=user4

Basically OU=accounts is the top OU and under that are OU’s for each department.

When I try to set the LDAP settings to point to the OU=accounts attempts to login show “verifying” or “not a valid account” depending on what I put in LDAP Search String.

If I change the OU to point to a departmental OU (say IT) the LDAP login works.

Is something perhaps stopping it from querying sub OU’s? Or perhaps I just need a specific LDAP Search String. The info I’ve found around LDAP settings is geared towards something like OpenLDAP with references to uid. Active Directory doesn’t use the same parameters.

Muzzy · October 12, 2018, 11:58am

We also have been trying to use LDAP to Active Directory for login. Multiple issues are stopping is from creating user in Active Directory, connecting ERPNext LDAP to AD for verification.

Please share any information if you have been successful. Thank you.

rahim_ahmed · January 3, 2019, 2:36pm

i’ve got microsoft active directory working with ERPnext - see my post ERPNext Active Directory - #6 by rahim_ahmed