Hello!
We have set up a fresh instance and now want to put the LDAP plugin into operation. So far it works, but the role mapping does not work as desired. Every user who logs in is assigned the role of moderator. What are we doing wrong?
Config:
Best Regards
Hello,
Don’t you have to set « member= », or something alike, before the DN ?
You mean for « Moderator group DN » (for example)?
Ive tried it like this and with « memberOf= » but the user cant login if its set. (logs stating the user got no allowed ldap group)
I looked at the code and the « Group filter » field has " (member={{dn}}) as default.
Do you try this value instead of « objectClass=* » ? (And keep all your DN as the image you shared)
Yes but my users cant login with it. Error message always « user credentials are invalid » and on login screen « user credentials invalid » (they are not invalid)
Sorry, I can not help you so far. Maybe look at this closed Peetube issues
ouvert 02:56AM - 22 May 20 UTC
fermé 07:56AM - 04 Jun 20 UTC
Type: Question
Component: Auth
**Error**: LDAP Invalid grant: user credentials are invalid
**Error Message**: …
warn[5/22/2020, 10:15:28 AM] Cannot login m8888@example.com in LDAP plugin.
{
"err": "no such user: \"m8888@example.com\""
}
warn[5/22/2020, 10:15:28 AM] Login error.
{
"err": {
"statusCode": 400,
"status": 400,
"code": 400,
"message": "Invalid grant: user credentials are invalid",
"name": "invalid_grant",
"stack": "invalid_grant: Invalid grant: user credentials are invalid\n at new InvalidGrantError (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/oauth2-server/lib/errors/invalid-grant-error.js:27:14)\n at /var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/oauth2-server/lib/grant-types/password-grant-type.js:94:15\n at tryCatcher (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/util.js:16:23)\n at Promise._settlePromiseFromHandler (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/promise.js:547:31)\n at Promise._settlePromise (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/promise.js:604:18)\n at Promise._settlePromise0 (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/promise.js:649:10)\n at Promise._settlePromises (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/promise.js:729:18)\n at _drainQueueStep (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/async.js:93:12)\n at _drainQueue (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/async.js:86:9)\n at Async._drainQueues (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/async.js:102:5)\n at Immediate.Async.drainQueues [as _onImmediate] (/var/www/peertube/versions/peertube-v2.2.0-rc.1/node_modules/bluebird/js/release/async.js:15:14)\n at runCallback (timers.js:705:18)\n at tryOnImmediate (timers.js:676:5)\n at processImmediate (timers.js:658:5)"
}
Version: peertube-v2.2.0-rc.1
OS: ubuntu-18.04.4-desktop-amd64.iso
LDAP plugin: auth-ldap 0.0.3
Search filter: (|(mail={{mail}})(uid={{sAMAccountName}}))
Mail property: mail
Username property: sAMAccountName
Hi Sir.
Could you provide the document about how to configure the ldap in Peertube? Thanks.
unfortunately ive tried and read all contributions ive found without any success but thank you for your help!
