simplesamlphp and Google LDAP

Mona Abdelhady

Apr 24, 2025, 2:07:00 AM
to SimpleSAMLphp
Hello,

Was anyone able to connect directly to Google LDAP using certificates, not through an stunnel? We have been trying to make this happen and we keep getting the error below:

not translated (Error authenticating using search username & password.)

Our ldap.php is as below:

<?php
/*
 * Configuration for the LDAP authentication module.
 *
 * $Id: $
 */

$config = array(

/**
 * LDAP configuration for Google Cloud Identity LDAP service
 *
 * The attributes parameter is a list of attributes that should be retrieved.
 */
'auth.ldap.hostname'   => 'ldaps://ldap.google.com:636',
'auth.ldap.port' => 636,
'auth.ldap.enable_tls' => true,
'auth.ldap.attributes' => array('mail', 'displayName', 'memberOf', 'uid', 'givenName', 'cn', 'sn', 'departmentNumber', 'carLicense'),

/* Set this to TRUE to enable searching. */
'auth.ldap.search.enable' => true,

/* The base DN for the search. */
'auth.ldap.search.base' => 'ou=Users,dc=domain,dc=com',

/* The attribute(s) to search for username mapping */
'auth.ldap.search.attributes' => array('uid', 'posixUid', 'googleUid'),

/* The username & password for the service account that will bind to LDAP */
'auth.ldap.search.username' => 'ldap credentials username',
'auth.ldap.search.password' => 'ldap credentials password',

/* TLS configuration */
'auth.ldap.tls.cacertfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.certfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.keyfile' => __DIR__ . '/../cert/Google_key.key',

/* Debug level - helpful during setup */
'auth.ldap.debug' => true,
);