LDAP only allows first user to login, and then doesn't work for following users #259

New Issue

Closed

opened 2026-02-04 18:07:57 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-04 18:07:57 +03:00

Owner

Copy Link

Originally created by @Chluz on GitHub (Feb 6, 2017).

For Bug Reports

• BookStack Version: BookStack v0.14.3
• PHP Version: PHP 7.0.13-0ubuntu0.16.04.1
• MySQL Version: mysql Ver 14.14 Distrib 5.7.17

Expected Behavior

LDAP users from the group WikiGroup should be able to login

Actual Behavior

Only the initial login from a member of the group WikiGroup was successful, further logins from that user also work, but logins from other users fail with the message 'These credentials do not match our records.'

The config used is as follows (domain name sanitised). As you can see I tried a few things

# LDAP Settings
#LDAP_SERVER=ad.example.com:389
LDAP_SERVER=ldaps://ad.example.com:636
LDAP_BASE_DN=dc=ad,dc=example,dc=com
#LDAP_BASE_DN=OU=Family,OU=PhysicalUsers,DC=ad,DC=example,DC=com
LDAP_DN=cn=WikiAdmin,ou=WikiAccess,OU=LDAP_OU,dc=ad,dc=example,dc=com
LDAP_PASS=blabla
LDAP_USER_FILTER=(&(objectclass=person)(memberOf:1.2.840.113556.1.4.1941:=CN=WikiGroup,OU=WikiAccess,OU=LDAP_OU,DC=ad,DC=example,DC=com))
#LDAP_USER_FILTER=(&(objectClass=user)(sAMAccountName=%s))
#LDAP_USER_FILTER=(&(uid=${user}))
#LDAP_USER_FILTER=(&(uid=user))
LDAP_VERSION=false

Even with APP_DEBUG=true, no additional logs for ldap are being printed to storage/logs/laravel.log
The LDAP server is a samba active directory setup, samba version 4.4.5.

I'm trying to see if I can switch from dokuwiki to bookstack, but I won't be able to do that until I can sort out this ldap problem. Any ideas welcome.

Originally created by @Chluz on GitHub (Feb 6, 2017). ### For Bug Reports * BookStack Version: BookStack v0.14.3 * PHP Version: PHP 7.0.13-0ubuntu0.16.04.1 * MySQL Version: mysql Ver 14.14 Distrib 5.7.17 ##### Expected Behavior LDAP users from the group WikiGroup should be able to login ##### Actual Behavior Only the initial login from a member of the group WikiGroup was successful, further logins from that user also work, but logins from other users fail with the message 'These credentials do not match our records.' The config used is as follows (domain name sanitised). As you can see I tried a few things ``` # LDAP Settings #LDAP_SERVER=ad.example.com:389 LDAP_SERVER=ldaps://ad.example.com:636 LDAP_BASE_DN=dc=ad,dc=example,dc=com #LDAP_BASE_DN=OU=Family,OU=PhysicalUsers,DC=ad,DC=example,DC=com LDAP_DN=cn=WikiAdmin,ou=WikiAccess,OU=LDAP_OU,dc=ad,dc=example,dc=com LDAP_PASS=blabla LDAP_USER_FILTER=(&(objectclass=person)(memberOf:1.2.840.113556.1.4.1941:=CN=WikiGroup,OU=WikiAccess,OU=LDAP_OU,DC=ad,DC=example,DC=com)) #LDAP_USER_FILTER=(&(objectClass=user)(sAMAccountName=%s)) #LDAP_USER_FILTER=(&(uid=${user})) #LDAP_USER_FILTER=(&(uid=user)) LDAP_VERSION=false ``` Even with APP_DEBUG=true, no additional logs for ldap are being printed to storage/logs/laravel.log The LDAP server is a samba active directory setup, samba version 4.4.5. I'm trying to see if I can switch from dokuwiki to bookstack, but I won't be able to do that until I can sort out this ldap problem. Any ideas welcome.

OVERLORD closed this issue 2026-02-04 18:08:01 +03:00

OVERLORD commented 2026-02-04 18:08:04 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Feb 23, 2017):

Hi @Chluz, Sorry for my late reply and this problem you are experiencing. This is a strange one.

Could other users register via LDAP or did that fail aswell?

@ssddanbrown commented on GitHub (Feb 23, 2017): Hi @Chluz, Sorry for my late reply and this problem you are experiencing. This is a strange one. Could other users register via LDAP or did that fail aswell?

OVERLORD commented 2026-02-04 18:08:12 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (May 7, 2019):

Since the last comment on this issue is relatively old I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue.

@ssddanbrown commented on GitHub (May 7, 2019): Since the last comment on this issue is relatively old I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

further_theme_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#259