[HelenG]

Hi,

We use the ProcessMaker Community edition and we have a serious problem with the Authentication services LDAP feature.

In our development environment we utilise an LDAP for users and all the import features etc. work. The structure of the LDAP is not complex here.

In our PreProduction environment we use the LDAP interface of an Active Directory. We have tested directly from the server that all the ports and services work correctly and that we can obtain user listings etc. However, when we use the same credentials within the Authentication services of ProcessMaker we receive No records found when performing both a blank search and a user specific search.

Is it possible that the LDAP feature of ProcessMaker cannot handle complex AD set-ups? Or that there are definite elements we should avoid within our AD?

System:PHP 5.5, Centos 7

[amosbatto]

The LDAP in the community edition can't import Active Directory groups, but LDAP in the Enterprise Edition can import Active Directory groups. But there shouldn't be any problem importing users in the community edition. You might not have configured it correctly, but it might also be a problem that PM doesn't recognize your organizational structure to find the users. What is the Distinguished Name of a typical user in your organization?

[amosbatto]

Also what version of Windows is your Active Directory server? We haven't tested AD from all versions of Windows.

By the way, if you want to test if the LDAP importer in the Enterprise Edition solves your problem, you can call/email the ProcessMaker Sales Department and ask for a free trial.

[HelenG]

Distinguished Name

CN=GOUPIOU Eleni,OU=OfficeUsers,OU=Users,OU=Luxembourg,DC=luxembourg,DC=companyname,DC=private

Can pm deal with a tree structure, where some zones are in a secondary server and the are linked into the Main server part?
It is possible to access directly a “slave” server for the information the slave server is provisioning?

[amosbatto]

I'm not sure if having slave servers will cause a problem. My advice is to try creating a simple AD structure without slave servers and see if ProcessMaker can handle it. You are going to have to test it to figure out what is causing the problem. And please file a bug report if you find the problem.

[jhosue82]

Hi,

Does the Authentication in Community Edition works with openLdap? I have been trying to set this up with no success. I have made the following configuration with no success:



The error message I am receiving is the following:

Unable to bind to server : <my-ldap-ip> in port 389

When I test the same configuration from my own LDAP client (jExplorer) it works perfectly, the only difference is that in jExplorer I have to set the entire User DN instead of only the User Name.

I have checked network access, and my pm server (ubuntu) is perfectly able to telnet to the ip/port of my LDAP server.

Is there any log file in which I could search for detailed errors about this issue?

Thanks.

[sparedes]

I'm having the same issue and was curious if you ever got to solve this?
Thanks!

[amosbatto]

I have imported users from OpenLDAP into PM, but I haven't tried it in the last 2 years, so I don't know with recent versions of PM. I don't know of any log file for LDAP.

One thing to keep in mind is that you can't import a user account if that username already exists. In the screenshot, you have an "admin" user in LDAP, which can't be imported if you already have an "admin" user in ProcessMaker.

Also remember to search for the name of the user when trying to import from LDAP. If the LDAP source has a large number of users, ProcessMaker won't be able to display the iist of available users, so you need to narrow the search to see the users to import.

[lumusislight]

Distinguished Name

CN=GOUPIOUEleni,OU=OfficeUsers,OU=Users,OU=Luxembourg,DC=luxembourg,DC=companyessaytyper.pro,DC=private
Can pm deal with a tree structure, where some zones are in a secondary server and the are linked into the Main server part?
It is possible to access directly a “slave” server for the information the slave server is provisioning?

Hello Helen,

Did you manage to find the solution? I had this message: "No records found for the search criteria entered", when I tried to import LDAP users to PM. I've just created a ticked via the support portal https://www.processmaker.com/supportPortal , but it is still unsolved.