Hello folks, I need some help configuring login via LDAP on HashiCorp Vault. I've set up Vault on Kubernetes and it's working fine; now I want to use a Zentyal server (https://zentyal.com/) to authenticate.
The error I'm getting:
Error authenticating: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/auth/ldap/login/lucas.aleixo
Code: 403. Errors:
* permission denied
Or, sometimes:
Error authenticating: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/auth/ldap/login/lucas.aleixo
Code: 400. Errors:
* ldap operation failed: failed to bind as user
The command I'm using to configure Vault:
vault auth enable ldap
vault write auth/ldap/config \
url="ldap://myserver" \
userattr="uid" \
userdn="OU=justatest,CN=Users,DC=justatest,DC=lan" \
groupdn="OU=justatest,OU=Groups,CN=Users,DC=justatest,DC=lan" \
groupfilter="(&(objectClass=group)(member={{.UserDN}}))" \
groupattr="cn" \
binddn="CN=administrator,CN=Users,DC=justatest,DC=lan" \
bindpass="mypass"
If I run an LDAP search on the CLI, it works fine:
ldapsearch -b "dc=justatest,dc=lan" -H ldap://myserver:389 -D administrator@justatest.lan "(sAMAccountName=lucas.aleixo)" -W -LLL "(member=CN=lucas.aleixo,OU=Users,OU=justatest,DC=justatest,DC=lan)"
Is there something I might be missing?
Any help is welcome.
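
Added example (not part of the original post, and not Vault's own code): an offline comparison of the posted `auth/ldap/config` values with the `ldapsearch` that works. It assumes Vault's default user lookup, `(userattr=login)` searched under `userdn`, and that the `member=` DN in the ldapsearch is the user's real DN; the function names are made up for this example.

```bash
#!/usr/bin/env bash
# Added example: offline consistency check of the posted Vault LDAP settings.
# Values are copied from the post; nothing here contacts a server.
USERATTR="uid"
USERDN="OU=justatest,CN=Users,DC=justatest,DC=lan"
BINDDN="CN=administrator,CN=Users,DC=justatest,DC=lan"
LOGIN="lucas.aleixo"
# From the working ldapsearch (assumption: the member= value is the user's real DN).
KNOWN_ATTR="sAMAccountName"
KNOWN_USER_DN="CN=lucas.aleixo,OU=Users,OU=justatest,DC=justatest,DC=lan"

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# Normalise a DN for comparison (lower-case, no spaces around ',' or '=').
# Limitation: does not handle escaped commas inside attribute values.
norm_dn() { lower "$1" | sed 's/ *, */,/g; s/ *= */=/g'; }

# Succeeds when DN $1 equals base $2 or sits somewhere below it.
dn_under() {
  local dn base
  dn=$(norm_dn "$1"); base=$(norm_dn "$2")
  case "$dn" in "$base"|*",$base") return 0 ;; *) return 1 ;; esac
}

# Default user search filter of the LDAP auth method: (<userattr>=<login>).
user_filter() { printf '(%s=%s)' "$1" "$2"; }

# ldapsearch equivalent of the user lookup Vault performs with binddn.
lookup_cmd() {
  printf 'ldapsearch -H ldap://myserver -D "%s" -W -b "%s" "%s" dn\n' \
    "$BINDDN" "$USERDN" "$(user_filter "$USERATTR" "$LOGIN")"
}

# One line per mismatch between the Vault config and the working query.
check_config() {
  dn_under "$KNOWN_USER_DN" "$USERDN" ||
    echo "userdn: $KNOWN_USER_DN is not under $USERDN"
  [ "$(lower "$USERATTR")" = "$(lower "$KNOWN_ATTR")" ] ||
    echo "userattr: Vault searches $(user_filter "$USERATTR" "$LOGIN"), working query used $(user_filter "$KNOWN_ATTR" "$LOGIN")"
  return 0
}

check_config
lookup_cmd
```

Running the printed `ldapsearch` against the directory shows whether the lookup Vault performs under `userdn` returns an entry at all, independently of the user's own password.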