LDAP Login Not Working

@saurabh6790 Can you please tell me / help me on how to uninstall or remove the previous manual installation of LDAP?? Now that i have updated to version 7.1.3 , the LDAP app is breaking my login screen / portal

see below error please

Traceback (most recent call last):
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 32, in render
data = render_page_by_language(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 101, in render_page_by_language
return render_page(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 117, in render_page
return build(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 124, in build
return build_page(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 140, in build_page
html = frappe.render_template(context.source, context)
File “/home/frappe/frappe-bench/apps/frappe/frappe/utils/jinja.py”, line 50, in render_template
return get_jenv().from_string(template).render(context)
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 989, in render
return self.environment.handle_exception(exc_info, True)
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 754, in handle_exception
reraise(exc_type, exc_value, tb)
File “”, line 78, in top-level template code
File “”, line 78, in block “script_lib”
File “/home/frappe/frappe-bench/apps/frappe/frappe/./templates/includes/login/login.js”, line 58, in top-level template code
args.cmd = “{{ ldap_settings.method }}”;
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 408, in getattr
return getattr(obj, attribute)
UndefinedError: ‘ldap_settings’ is undefined

Guys, I made a short video tutorial showing how to enable LDAP on NextERP 3.1.7.
In this version (3.1.7) it is very simple:

https://www.youtube.com/watch?v=UuGzzz9UAkc

Hi Thiago

Sorry, No, this is not about enabling LDAP, i know how to do that. I had LDAP installed as a separate Application, “before” it was part of the 7.1 version.

if you had LDAP enabled before the latest release then you get the above errors, meaning should uninstall the app that i installed manually in the first place, and this is what i am asking help for, how to uninstall, not how to add.

can someone help with this please?

many thanks

Uninstall app using command

bench uninstall-app app_name

Uninstall app from specific site

bench --site site_name uninstall-app app_name

thank you, but i still get the below
Traceback (most recent call last):
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 32, in render
data = render_page_by_language(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 101, in render_page_by_language
return render_page(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 117, in render_page
return build(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 124, in build
return build_page(path)
File “/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py”, line 140, in build_page
html = frappe.render_template(context.source, context)
File “/home/frappe/frappe-bench/apps/frappe/frappe/utils/jinja.py”, line 50, in render_template
return get_jenv().from_string(template).render(context)
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 989, in render
return self.environment.handle_exception(exc_info, True)
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 754, in handle_exception
reraise(exc_type, exc_value, tb)
File “”, line 78, in top-level template code
File “”, line 78, in block “script_lib”
File “/home/frappe/frappe-bench/apps/frappe/frappe/./templates/includes/login/login.js”, line 58, in top-level template code
args.cmd = “{{ ldap_settings.method }}”;
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/jinja2/environment.py”, line 408, in getattr
return getattr(obj, attribute)
UndefinedError: ‘ldap_settings’ is undefined

Thank you again,

the full command for this from frappe-bench was bench uninstall-app frappe_ldap

Did another bench udate , and all works fine now, can see the list of service integrations and all the rest.

thanks guys

@Thiago_Pereira Hi Thiago
Do you still have this video? I would appreciate it if you could send it to me. Thanks

Are you needing help to enable LDAP, or the LDAP settings?

Hi Paul @pmjd
Yes,

I think I did well in preparing the LDAP setup on windows server side, and also I have tried my best to insert all details the right way in LDAP settings on ERPNext side.

Now LDAP is enabled in the system BUT once I try to sign in with LDAP using one of AD users credentials the system seems like it’s not recognizing the AD users yet.

Can you help in addressing the issue?

I also had issues in getting LDAP working with Active Directory but it is working now. Have a look at the settings in this post and see if they help.

Also make sure users click on the Login with LDAP button, rather than Login, that has confused a few folk.

Well this is the post I used to follow the LDAP settings step by step with but eventually it didn’t work unfortunately

Will you be able to share your full LDAP settings so that I can compare it to mine? @pmjd

They are my full settings, anonymised as needed.

Do you know if your LDAP/Active Directory settings work with anything else? I was using the snipe-IT IT inventory program, also with LDAP, so I knew the user account I had setup for LDAP authenication was working.

At first, the system was accepting the settings I’m adding but I can’t login using LDAP login with any user I have from MS AD.

Now I’m facing a new error " ldap3.core.exceptions.LDAPSocketOpenError: invalid server address " when trying to add almost the same settings I’ve added before.

I have followed this video in configuring LDAP in windows server How to Setup Configuration LDAP on Windows Server 2019,LDAP Configuration on Windows Server 2019 - YouTube

and followed your LDAP settings in ERPNext.

@pmjd

Update

I got rid of the above error and now we are back to the verifying to infinity situation.

Sorry I’m away for a few days, will try and help more once I’m back and have full access to everything. Try and see if your LDAP Windows account has the right permissions using another way.

Hi,

Have you been able to confirm that the windows server LDAP account works?

Thanks for your efforts @pmjd,

Please let me know if you could help with any additional information once you’re back.
I’m still struggling with the integration.

I also noticed these couple of errors in the logs:
(
2023-01-01 20:17:17,991 ERROR frappe New Exception collected with id: 2023-01-01 20:17:17.987233-192.168.2.110-52b
Site: site1.local
Form Dict: {‘cmd’: ‘frappe.integrations.doctype.ldap_settings.ldap_settings.logi n’, ‘usr’: ‘user1’, ‘device’: ‘desktop’}
)
(
500 INTERNAL SERVER ERROR
)

By the way I tried this LDAP windows account with another system and it worked fine I could log in with the AD users I have.

Hi @pmjd

Many Thanks for your efforts. I finally solved the issue the sign in problem was caused due to the lack of email felling in the AD user crearion
So once I added emails to my AD users I could normally sign in with LDAP in ERPNext.

Now I’m struggling with LDAP group mapping. All users are registered with no roles even if I tried to separate them based on groups in the provided table in the LDAP settings.

Do you have any idea on how to specify customized permissions with LDAP user creation?

Glad to hear you’ve got it working. I came across the same issue when I was settling up and had to update our accounts accordingly.

Unfortunately I haven’t tried group mapping yet, as I’m still setting up with a lot of customisations on the install. Hopefully someone else can help you out

@pmjd
Thanks and good luck