Cannot sign in through LDAPS... #4147

Open
rsvmatt opened this issue Apr 17, 2024 · 4 comments

rsvmatt commented Apr 17, 2024

Hello everyone,
I hope you guys are doing well.

This is my first post so I'm really sorry if it's a bit messy.

I would like to know if you guys can link LDAPS over Teampass and make it work?

  1. I have an Active Directory on Windows with the support of LDAPS
  2. I use the port 636 and tick "Use LDAP through SSL (LDAPS)" to Yes
  3. I do not tick "Use LDAP through TLS" and did set the Certificate check for LDAP TLS to: LDAP_OPT_X_TLS_NEVER
  4. I also use 2FA with Google Authenticator that works perfectly with LDAP

Expected behaviour

I thought using LDAPS would work easily

Actual behaviour

Whenever I do the test from the admin page with my login and password from the AD it works, but when I try to log in on the website it doesn't; it keeps loading forever without any error message.

Server configuration

Operating system:
Debian GNU/Linux 10 (buster)

Web server:
Apache2

Database:
Mysql

PHP version:
PHP 8.2.0

Teampass version:
Teampass 3.0.0.22

Teampass configuration file:
global $SETTINGS;
$SETTINGS = array (
'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '1',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/html/TeamPass',
'cpassman_url' => 'hidden for obvious reasons',
'favicon' => 'https://raw.githubusercontent.com/nilsteampassnet/TeamPass/master/favicon.ico',
'path_to_upload_folder' => '/var/www/html/TeamPass/upload',
'path_to_files_folder' => '/var/www/html/TeamPass/files',
'url_to_files_folder' => 'hidden for obvious reasons',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'cpassman_version' => '3.0.0.22',
'ldap_mode' => '1',
'ldap_type' => 'ActiveDirectory',
'ldap_suffix' => '0',
'ldap_domain_dn' => '0',
'ldap_domain_controler' => '0',
'ldap_user_attribute' => 'samaccountname',
'ldap_ssl' => '1',
'ldap_tls' => '0',
'ldap_elusers' => '1',
'ldap_search_base' => '0',
'ldap_port' => '636',
'richtext' => '0',
'allow_print' => '1',
'roles_allowed_to_print' => '0',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '0',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '0',
'custom_logo' => 'hidden for obvious reasons',
'custom_login_text' => 'hidden for obvious reasons',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1669037073',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => 'hidden for obvious reasons',
'email_smtp_auth' => '0',
'email_auth_username' => '',
'email_auth_pwd' => '',
'email_port' => '25',
'email_security' => '',
'email_server_url' => '',
'email_from' => 'hidden for obvious reasons',
'email_from_name' => 'Teampass',
'pwd_maximum_length' => '40',
'google_authentication' => '1',
'delay_item_edition' => '0',
'allow_import' => '0',
'proxy_ip' => '',
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'hidden for obvious reasons',
'api' => '0',
'subfolder_rights_as_parent' => '0',
'show_only_accessible_folders' => '1',
'enable_suggestion' => '1',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => '/var/www/html/TeamPass/backups',
'bck_script_filename' => 'hidden for obvious reasons',
'syslog_enable' => '0',
'syslog_host' => 'localhost',
'syslog_port' => '514',
'manager_move_item' => '0',
'create_item_without_password' => '0',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'Europe/Paris',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '0',
'disable_show_forgot_pwd_link' => '0',
'offline_key_level' => '0',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '1',
'secure_display_image' => '1',
'upload_zero_byte_file' => '0',
'upload_all_extensions_file' => '0',
'bck_script_passkey' => 'hidden for obvious reasons',
'admin_2fa_required' => '0',
'password_overview_delay' => '4',
'copy_to_clipboard_small_icons' => '1',
'duo_ikey' => '',
'duo_skey' => '',
'duo_host' => '',
'duo_failmode' => 'secure',
'teampass_version' => '',
'roles_allowed_to_print_select' => '[5,6]',
'clipboard_life_duration' => '30',
'mfa_for_roles' => '[]',
'tree_counters' => '1',
'settings_offline_mode' => '0',
'settings_tree_counters' => '0',
'enable_massive_move_delete' => '0',
'email_debug_level' => '0',
'ga_reset_by_user' => '0',
'onthefly-backup-key' =>'hidden for obvious reasons',
'onthefly-restore-key' => '',
'ldap_user_dn_attribute' => 'distinguishedname',
'ldap_dn_additional_user_dn' => 'hidden for obvious reasons',
'ldap_user_object_filter' => '',
'ldap_bdn' => 'hidden for obvious reasons',
'ldap_hosts' => '0.0.0.0',
'ldap_password' =>'hidden for obvious reasons',
'ldap_username' => 'hidden for obvious reasons',
'api_token_duration' => '60',
'enable_tasks_manager' => '0',
'task_maximum_run_time' => '300',
'tasks_manager_refreshing_period' => '20',
'maximum_number_of_items_to_treat' => '100',
'ldap_tls_certifacte_check' => 'LDAP_OPT_X_TLS_NEVER',
);

Client configuration

Browser:
Firefox/Edge

Operating system:
Windows 10 22H2

Logs

Web server error log

Insert your webserver log here


Log from the web-browser developer console (CTRL + SHIFT + i)

Insert the log here and especially the answer of the query that failed.

![image](https://github.com/nilsteampassnet/TeamPass/assets/167335962/42e7a931-22bc-440d-8a58-364b51f0168a)


@DaveWebb2

I was able to resolve this by manually configuring LDAP using the includes/config/tp.config.php file as some values in there (such as ldap_suffix) are required but not available to edit through the LDAP page inside TeamPass. Hopefully the same for you?
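
A read-only check for the situation described in the comment above, written as an added example (not part of the thread and not TeamPass code): it flags LDAP settings still at the '0' placeholder and a certificate check that does not validate the server. The key names come from the configuration posted in this issue; treating '0' as "unset" and the list of keys checked are assumptions.

```php
<?php
// Added example, not TeamPass code. Constructed sample that mirrors the
// LDAP values posted in this issue (host and secrets left as placeholders).
$SETTINGS = [
    'ldap_mode' => '1', 'ldap_ssl' => '1', 'ldap_tls' => '0',
    'ldap_port' => '636', 'ldap_hosts' => '0.0.0.0',
    'ldap_suffix' => '0', 'ldap_domain_dn' => '0',
    'ldap_domain_controler' => '0', 'ldap_search_base' => '0',
    'ldap_tls_certifacte_check' => 'LDAP_OPT_X_TLS_NEVER',
];

function auditLdapSettings(array $s): array
{
    if (($s['ldap_mode'] ?? '0') !== '1') {
        return ['ldap_mode is not 1: LDAP authentication is disabled'];
    }
    $findings = [];
    // Assumption: '0' or '' means "never set". The key list is the set of
    // ldap_* keys shown at '0' in the posted config, not an official list.
    $mustBeSet = ['ldap_suffix', 'ldap_domain_dn', 'ldap_domain_controler',
                  'ldap_search_base'];
    foreach ($mustBeSet as $key) {
        $value = trim((string) ($s[$key] ?? ''));
        if ($value === '' || $value === '0') {
            $findings[] = "$key is still a placeholder ('$value')";
        }
    }
    $ssl = ($s['ldap_ssl'] ?? '0') === '1';
    $tls = ($s['ldap_tls'] ?? '0') === '1';
    if ($ssl && $tls) {
        $findings[] = 'ldap_ssl and ldap_tls are both on: choose LDAPS or StartTLS';
    } elseif (!$ssl && !$tls) {
        $findings[] = 'no transport encryption: bind passwords cross the network in clear text';
    }
    // NEVER and ALLOW both accept an invalid server certificate, so the
    // directory server is not authenticated even though traffic is encrypted.
    $check = $s['ldap_tls_certifacte_check'] ?? '';
    if (in_array($check, ['LDAP_OPT_X_TLS_NEVER', 'LDAP_OPT_X_TLS_ALLOW'], true)) {
        $findings[] = "certificate check is $check: the server certificate is not validated";
    }
    // An IP address cannot match the host name in a typical DC certificate.
    if (filter_var($s['ldap_hosts'] ?? '', FILTER_VALIDATE_IP) !== false) {
        $findings[] = 'ldap_hosts is an IP address: use the name from the DC certificate';
    }
    return $findings;
}

foreach (auditLdapSettings($SETTINGS) as $finding) {
    echo "[!] $finding\n";
}
```

To audit a real install, replace the sample array with an `include` of includes/config/tp.config.php and run the script from the command line.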


execcr commented May 3, 2024

@DaveWebb2 Hi, could you please provide more information? I have the same problem.


rsvmatt commented May 7, 2024

@DaveWebb2 Hello, I was reading your response on your #4094 issue.

I will look for it and play with the config file and try to modify the ldap suffix + ldap_domain_dn value.

If you could share it as well, it would help me a lot, because in the field ldap_domain_dn there's a 0 and I don't know what I should replace it with: either 1 or my current active domain name.

Thank you so much for your reply.


rsvmatt commented May 7, 2024

Also, I have just noticed there are plenty of tp.config files being generated... whenever I modify the original one nothing happens; does it reset to default automatically?
