No password setting for LDAP manager

(from github.com/albertgu2016)
Hi Fess Author,

I saw you have SSO AD function in FESS version 10.2.0.

But I tried configure it using admin account, there was no aera to configure password of LDAP baseDN.

So LDAP user can’t login FESS, could you please check it?
I think it is a bug of the system.

Looking forward for your fast reply!

(from github.com/marevol)
For configuration, LDAP/AD authentication is different from SSO with LDAP/AD.

To configure LDAP/AD authentication without SSO:

  1. Type your LDAP/AD info at LDAP configuration of admin general page.
  2. Login as LDAP/AD user with the password on login page. (Therefore, Fess does not require LDAP password)

To configure LDAP/AD authentication with SSO:

  1. Type your LDAP/AD info and enable Login Required on admin general page.
  2. Modify the following values in fess_config.properties
ldap.admin.provider.url=ldap\://localhost\:1389
ldap.admin.security.principal=cn\=Directory Manager
ldap.admin.security.credentials=password
  1. Login as user on Windows, and then access to Fess(you will be logged in as the same user automatically).

(from github.com/albertgu2016)
Sorry, misunderstanding, I think system with interface with LDAP may have password of administrator of LDAP server who manger and created LDAP accounts/passwords.

Without this, how the system verfity the database with LDAP server?

In other words, any system can connect to LDAP server without LDAP administrator verify firstly? it is very dangerous.

(from github.com/albertgu2016)
I tried the way you suggested, it doesn’t work. but other system using LDAP credential works.
ldap.admin.provider.url=ldap://localhost:1389 changed to remote LDAP server
ldap.admin.security.principal=cn=Directory Manager changed
ldap.admin.security.credentials=password changed

(from github.com/albertgu2016)
Good news. The user in ldap.admin.security.principal=cn=Directory Manager changed can Access Fess, but it is LDAP administrator, not LDAP user. The LDAP user still can’t access FESS.

(from github.com/marevol)
Okay, I’ll add password field to admin general page in next release.

(from github.com/julianopcardoso)
If I configure LDAP/AD authentication with SSO will everybody have access to admin page?

I just wanna log searches of the user´s machine (LDAP authenticaded). Not guest user but LDAP User.

(from github.com/marevol)
Please do not mix different questions in this issue.