ldap_bind(): Unable to bind to server: Invalid credentials #3352

New Issue

Closed

opened 2026-02-05 06:26:47 +03:00 by OVERLORD · 7 comments

OVERLORD commented 2026-02-05 06:26:47 +03:00

Owner

Copy Link

Originally created by @MInus63 on GitHub (Nov 18, 2022).

Attempted Debugging

• I have read the debugging page

Searched GitHub Issues

• I have searched GitHub for the issue.

Describe the Scenario

Good morning
I'm trying to connect my Bookstack server (on Debian 11) to my active directory but it doesn't work and I can't figure out why.
I still get the same answer (ldap_bind(): Unable to bind to server: Invalid credentials) even though my active directory user is working perfectly.
Here is the AD part of my configuration file

# General auth
AUTH_METHOD=ldap

# The LDAP host, Adding a port is optional
LDAP_SERVER=172.16.10.25:389

# If using LDAP over SSL you should also define the protocol:
# LDAP_SERVER=ldaps://example.com:636

# The base DN from where users will be searched within
LDAP_BASE_DN=DC=domain,DC=lan

# The full DN and password of the user used to search the server
# Can both be left as 'false' (without quotes) to bind anonymously
#LDAP_DN="cn=serviceaccount,ou=People,dc=example,dc=org"
#LDAP_PASS="my#super#secret#password543"
LDAP_DN=CN=adbookstack,OU=bookstackuser,OU=domain,DC=domain,DC=lan
LDAP_PASS=6J8hh3miU222ALN7yZqx

# A filter to use when searching for users
# The user-provided user-name used to replace any occurrences of '${user}'
# If you're setting this option via other means, such as within a docker-compose.yml,
# you may need escape the $, often using $$ or \$ instead.
# Note: This option cannot be used with the docker-compose.yml `env_file` option.
##LDAP: LDAP_USER_FILTER=(&(uid=${user}))
#LDAP_USER_FILTER=(&(sAMAccountName=${user}))
LDAP_USER_FILTER=(|(mail=${user})(sAMAccountName=${user}))

# Set the LDAP version to use when connecting to the server
# Should be set to 3 in most cases.
##LDAP: LDAP_VERSION=3
LDAP_VERSION=3

# Set the property to use as a unique identifier for this user.
# Stored and used to match LDAP users with existing BookStack users.
# Prefixing the value with 'BIN;' will assume the LDAP service provides the attribute value as
# binary data and BookStack will convert the value to a hexidecimal representation.
# Defaults to 'uid'.
##LDAP: LDAP_ID_ATTRIBUTE=uid
LDAP_ID_ATTRIBUTE=BIN;objectGUID

# Set the default 'email' attribute. Defaults to 'mail'
LDAP_EMAIL_ATTRIBUTE=mail

# Set the property to use for a user's display name. Defaults to 'cn'
LDAP_DISPLAY_NAME_ATTRIBUTE=cn

# Set the attribute to use for the user's avatar image.
# Must provide JPEG binary image data.
# Will be used upon login or registration when the user doesn't
# already have an avatar image set.
# Remove this option or set to 'null' to disable LDAP avatar import.
##LDAP: LDAP_THUMBNAIL_ATTRIBUTE=jpegphoto
##AD: LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto
LDAP_THUMBNAIL_ATTRIBUTE=null

# Force TLS to be used for LDAP communication.
# Use this if you can but your LDAP support will need to support it and
# you may need to import your certificate to the BookStack host machine.
# Defaults to 'false'.
##LDAP_START_TLS=false
LDAP_START_TLS=false

# If you need to allow untrusted LDAPS certificates, add the below and uncomment (remove the #)
# Only set this option if debugging or you're absolutely sure it's required for your setup.
# If using php-fpm, you may want to restart it after changing this option to avoid instability.
#LDAP_TLS_INSECURE=true

# If you need to debug the details coming from your LDAP server, add the below and uncomment (remove the #)
# Only set this option if debugging since it will block logins and potentially show private details.
#LDAP_DUMP_USER_DETAILS=true

Without the AD directives, the server works perfectly, I have created my admin user and I can use bookstack normally

Thank you for your help because everything seems OK but it does not work and I am lost

Exact BookStack Version

BookStack v22.10.2

Log Content

stack trace:

#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError()
#1 /var/www/BookStack/app/Auth/Access/Ldap.php(107): ldap_bind()
#2 /var/www/BookStack/app/Auth/Access/LdapService.php(186): BookStack\Auth\Access\Ldap->bind()
#3 /var/www/BookStack/app/Auth/Access/LdapService.php(58): BookStack\Auth\Access\LdapService->bindSystemUser()
#4 /var/www/BookStack/app/Auth/Access/LdapService.php(95): BookStack\Auth\Access\LdapService->getUserWithAttributes()
#5 /var/www/BookStack/app/Auth/Access/Guards/LdapSessionGuard.php(72): BookStack\Auth\Access\LdapService->getUserDetails()
#6 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php(340): BookStack\Auth\Access\Guards\LdapSessionGuard->attempt()
#7 /var/www/BookStack/app/Auth/Access/LoginService.php(157): Illuminate\Auth\AuthManager->__call()
#8 /var/www/BookStack/app/Http/Controllers/Auth/LoginController.php(151): BookStack\Auth\Access\LoginService->attempt()
#9 /var/www/BookStack/app/Http/Controllers/Auth/LoginController.php(82): BookStack\Http\Controllers\Auth\LoginController->attemptLogin()
#10 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\LoginController->login()
#11 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction()
#12 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch()
#13 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
#14 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run()
#15 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#16 /var/www/BookStack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#17 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle()
#18 /var/www/BookStack/app/Http/Middleware/RedirectIfAuthenticated.php(31): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#19 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RedirectIfAuthenticated->handle()
#20 /var/www/BookStack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#21 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle()
#22 /var/www/BookStack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#23 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle()
#24 /var/www/BookStack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#25 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle()
#26 /var/www/BookStack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#27 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle()
#28 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#30 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#31 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#32 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#33 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#34 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle()
#35 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#36 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#37 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#39 /var/www/BookStack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#40 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle()
#41 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#42 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then()
#43 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack()
#44 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute()
#45 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute()
#46 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch()
#47 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#48 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#49 /var/www/BookStack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle()
#50 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle()
#51 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#52 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#53 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#54 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#55 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#56 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#57 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#58 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#59 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then()
#60 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#61 /var/www/BookStack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle()
#62 {main}

PHP Version

8.1

Hosting Environment

Debian 11 up to date

Originally created by @MInus63 on GitHub (Nov 18, 2022). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario Good morning I'm trying to connect my Bookstack server (on Debian 11) to my active directory but it doesn't work and I can't figure out why. I still get the same answer (ldap_bind(): Unable to bind to server: Invalid credentials) even though my active directory user is working perfectly. Here is the AD part of my configuration file ``` # General auth AUTH_METHOD=ldap # The LDAP host, Adding a port is optional LDAP_SERVER=172.16.10.25:389 # If using LDAP over SSL you should also define the protocol: # LDAP_SERVER=ldaps://example.com:636 # The base DN from where users will be searched within LDAP_BASE_DN=DC=domain,DC=lan # The full DN and password of the user used to search the server # Can both be left as 'false' (without quotes) to bind anonymously #LDAP_DN="cn=serviceaccount,ou=People,dc=example,dc=org" #LDAP_PASS="my#super#secret#password543" LDAP_DN=CN=adbookstack,OU=bookstackuser,OU=domain,DC=domain,DC=lan LDAP_PASS=6J8hh3miU222ALN7yZqx # A filter to use when searching for users # The user-provided user-name used to replace any occurrences of '${user}' # If you're setting this option via other means, such as within a docker-compose.yml, # you may need escape the $, often using $$ or \$ instead. # Note: This option cannot be used with the docker-compose.yml `env_file` option. ##LDAP: LDAP_USER_FILTER=(&(uid=${user})) #LDAP_USER_FILTER=(&(sAMAccountName=${user})) LDAP_USER_FILTER=(|(mail=${user})(sAMAccountName=${user})) # Set the LDAP version to use when connecting to the server # Should be set to 3 in most cases. ##LDAP: LDAP_VERSION=3 LDAP_VERSION=3 # Set the property to use as a unique identifier for this user. # Stored and used to match LDAP users with existing BookStack users. # Prefixing the value with 'BIN;' will assume the LDAP service provides the attribute value as # binary data and BookStack will convert the value to a hexidecimal representation. # Defaults to 'uid'. ##LDAP: LDAP_ID_ATTRIBUTE=uid LDAP_ID_ATTRIBUTE=BIN;objectGUID # Set the default 'email' attribute. Defaults to 'mail' LDAP_EMAIL_ATTRIBUTE=mail # Set the property to use for a user's display name. Defaults to 'cn' LDAP_DISPLAY_NAME_ATTRIBUTE=cn # Set the attribute to use for the user's avatar image. # Must provide JPEG binary image data. # Will be used upon login or registration when the user doesn't # already have an avatar image set. # Remove this option or set to 'null' to disable LDAP avatar import. ##LDAP: LDAP_THUMBNAIL_ATTRIBUTE=jpegphoto ##AD: LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto LDAP_THUMBNAIL_ATTRIBUTE=null # Force TLS to be used for LDAP communication. # Use this if you can but your LDAP support will need to support it and # you may need to import your certificate to the BookStack host machine. # Defaults to 'false'. ##LDAP_START_TLS=false LDAP_START_TLS=false # If you need to allow untrusted LDAPS certificates, add the below and uncomment (remove the #) # Only set this option if debugging or you're absolutely sure it's required for your setup. # If using php-fpm, you may want to restart it after changing this option to avoid instability. #LDAP_TLS_INSECURE=true # If you need to debug the details coming from your LDAP server, add the below and uncomment (remove the #) # Only set this option if debugging since it will block logins and potentially show private details. #LDAP_DUMP_USER_DETAILS=true ``` Without the AD directives, the server works perfectly, I have created my admin user and I can use bookstack normally Thank you for your help because everything seems OK but it does not work and I am lost ### Exact BookStack Version BookStack v22.10.2 ### Log Content stack trace: ``` #0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError() #1 /var/www/BookStack/app/Auth/Access/Ldap.php(107): ldap_bind() #2 /var/www/BookStack/app/Auth/Access/LdapService.php(186): BookStack\Auth\Access\Ldap->bind() #3 /var/www/BookStack/app/Auth/Access/LdapService.php(58): BookStack\Auth\Access\LdapService->bindSystemUser() #4 /var/www/BookStack/app/Auth/Access/LdapService.php(95): BookStack\Auth\Access\LdapService->getUserWithAttributes() #5 /var/www/BookStack/app/Auth/Access/Guards/LdapSessionGuard.php(72): BookStack\Auth\Access\LdapService->getUserDetails() #6 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php(340): BookStack\Auth\Access\Guards\LdapSessionGuard->attempt() #7 /var/www/BookStack/app/Auth/Access/LoginService.php(157): Illuminate\Auth\AuthManager->__call() #8 /var/www/BookStack/app/Http/Controllers/Auth/LoginController.php(151): BookStack\Auth\Access\LoginService->attempt() #9 /var/www/BookStack/app/Http/Controllers/Auth/LoginController.php(82): BookStack\Http\Controllers\Auth\LoginController->attemptLogin() #10 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\LoginController->login() #11 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction() #12 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch() #13 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController() #14 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run() #15 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing\{closure}() #16 /var/www/BookStack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #17 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle() #18 /var/www/BookStack/app/Http/Middleware/RedirectIfAuthenticated.php(31): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #19 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RedirectIfAuthenticated->handle() #20 /var/www/BookStack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #21 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle() #22 /var/www/BookStack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #23 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle() #24 /var/www/BookStack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #25 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle() #26 /var/www/BookStack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #27 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle() #28 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #29 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle() #30 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #31 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle() #32 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #33 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest() #34 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle() #35 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #36 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle() #37 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #38 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle() #39 /var/www/BookStack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #40 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle() #41 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #42 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then() #43 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack() #44 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute() #45 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute() #46 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch() #47 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}() #48 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #49 /var/www/BookStack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle() #50 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle() #51 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #52 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle() #53 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle() #54 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #55 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle() #56 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #57 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle() #58 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}() #59 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then() #60 /var/www/BookStack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter() #61 /var/www/BookStack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle() #62 {main} ``` ### PHP Version 8.1 ### Hosting Environment Debian 11 up to date

OVERLORD added the 🐕 Support label 2026-02-05 06:26:47 +03:00

OVERLORD closed this issue 2026-02-05 06:26:49 +03:00

OVERLORD commented 2026-02-05 06:26:54 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Nov 18, 2022):

This error does generally indicate that either LDAP_DN and/or LDAP_PASS is incorrect, at least for the set LDAP_SERVER` since the error is occurring on bind of the defined system user. You could check:

• If either of the LDAP_DN or LDAP_PASS values contain special characters, wrap the env option values in double quotes.
• Test the exact same details via another external mechanism, such as using the ldapsearch command/tool with the exact same bind and server details as configured for BookStack.

@ssddanbrown commented on GitHub (Nov 18, 2022): This error does generally indicate that either `LDAP_DN` and/or `LDAP_PASS` is incorrect, at least for the set LDAP_SERVER` since the error is occurring on bind of the defined system user. You could check: - If either of the `LDAP_DN` or `LDAP_PASS` values contain special characters, wrap the env option values in double quotes. - Test the exact same details via another external mechanism, such as using the `ldapsearch` command/tool with the exact same bind and server details as configured for BookStack.

OVERLORD commented 2026-02-05 06:26:59 +03:00

Author

Owner

Copy Link

@MInus63 commented on GitHub (Nov 18, 2022):

So I installed the ldap-utils package and ran the following command

ldapsearch -xLL -b DC=domain,DC=lan -h 172.16.10.25:389 -D adbookstack@domain.lan -W

the command asked me to enter adboostack's password (which has no special characters) and I got the right feedback so it works fine on this side.

but I still have this command feedback: ldap_bind(): Unable to bind to server: Invalid credentials when I use the credentials of a regular user of the domain ( i.e. my own) to connect to the web interface of the bookstack server

@MInus63 commented on GitHub (Nov 18, 2022): So I installed the ldap-utils package and ran the following command `ldapsearch -xLL -b DC=domain,DC=lan -h 172.16.10.25:389 -D adbookstack@domain.lan -W` the command asked me to enter adboostack's password (which has no special characters) and I got the right feedback so it works fine on this side. but I still have this command feedback: `ldap_bind(): Unable to bind to server: Invalid credentials` when I use the credentials of a regular user of the domain ( i.e. my own) to connect to the web interface of the bookstack server

OVERLORD commented 2026-02-05 06:27:02 +03:00

Author

Owner

Copy Link

@MInus63 commented on GitHub (Nov 18, 2022):

After the advice of a friend, I extracted the distinguished name of adbookstack in AD, I copied it in LDAP_DN= and it finally works.

Sorry for the inconvenience, it's solved

Best regards

@MInus63 commented on GitHub (Nov 18, 2022): After the advice of a friend, I extracted the distinguished name of adbookstack in AD, I copied it in LDAP_DN= and it finally works. Sorry for the inconvenience, it's solved Best regards

OVERLORD commented 2026-02-05 06:27:06 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Nov 18, 2022):

Good to hear, will therefore close this off.

@ssddanbrown commented on GitHub (Nov 18, 2022): Good to hear, will therefore close this off.

OVERLORD commented 2026-02-05 06:27:10 +03:00

Author

Owner

Copy Link

@MInus63 commented on GitHub (Nov 18, 2022):

lol but now, i can't open bookstack with my initial admin localuser !!

@MInus63 commented on GitHub (Nov 18, 2022): lol but now, i can't open bookstack with my initial admin localuser !!

OVERLORD commented 2026-02-05 06:27:16 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Nov 18, 2022):

Please see about 13:49 in my video here: https://youtu.be/50qw_LkhwoM?t=829

@ssddanbrown commented on GitHub (Nov 18, 2022): Please see about 13:49 in my video here: https://youtu.be/50qw_LkhwoM?t=829

OVERLORD commented 2026-02-05 06:27:18 +03:00

Author

Owner

Copy Link

@MInus63 commented on GitHub (Nov 18, 2022):

Thank you for all

it works perfectly

@MInus63 commented on GitHub (Nov 18, 2022): Thank you for all it works perfectly

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label 🐕 Support

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3352