simplesamlphp and Google LDAP
18 views
Skip to first unread message
Mona Abdelhady
Apr 24, 2025, 2:07:00 AMApr 24
to SimpleSAMLphp
Hello,
Was anyone able to directly connect to Google LDAP using certificates not through an stunnel? We have been trying t make this happen and we keep getting the error below
not translated (Error authenticating using search username & password.)
Was anyone able to directly connect to Google LDAP using certificates not through an stunnel? We have been trying t make this happen and we keep getting the error below
not translated (Error authenticating using search username & password.)
Our ldap.php is as below:
<?php
/*
* Configuration for the LDAP authentication module.
*
* $Id: $
*/
$config = array(
/**
* LDAP configuration for Google Cloud Identity LDAP service
*
* The attributes parameter is a list of attributes that should be retrieved.
*/
'auth.ldap.hostname' => 'ldaps://ldap.google.com:636',
'auth.ldap.port' => 636,
'auth.ldap.enable_tls' => true,
'auth.ldap.attributes' => array('mail', 'displayName', 'memberOf', 'uid', 'givenName', 'cn', 'sn', 'departmentNumber', 'carLicense'),
/* Set this to TRUE to enable searching. */
'auth.ldap.search.enable' => true,
/* The base DN for the search. */
'auth.ldap.search.base' => 'ou=Users,dc=domain,dc=com',
/* The attribute(s) to search for username mapping */
'auth.ldap.search.attributes' => array('uid', 'posixUid', 'googleUid'),
/* The username & password for the service account that will bind to LDAP */
'auth.ldap.search.username' => 'ldap credentials username',
'auth.ldap.search.password' => 'ldap credentials password',
/* TLS configuration */
'auth.ldap.tls.cacertfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.certfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.keyfile' => __DIR__ . '/../cert/Google_key.key',
/* Debug level - helpful during setup */
'auth.ldap.debug' => true,
);
<?php
/*
* Configuration for the LDAP authentication module.
*
* $Id: $
*/
$config = array(
/**
* LDAP configuration for Google Cloud Identity LDAP service
*
* The attributes parameter is a list of attributes that should be retrieved.
*/
'auth.ldap.hostname' => 'ldaps://ldap.google.com:636',
'auth.ldap.port' => 636,
'auth.ldap.enable_tls' => true,
'auth.ldap.attributes' => array('mail', 'displayName', 'memberOf', 'uid', 'givenName', 'cn', 'sn', 'departmentNumber', 'carLicense'),
/* Set this to TRUE to enable searching. */
'auth.ldap.search.enable' => true,
/* The base DN for the search. */
'auth.ldap.search.base' => 'ou=Users,dc=domain,dc=com',
/* The attribute(s) to search for username mapping */
'auth.ldap.search.attributes' => array('uid', 'posixUid', 'googleUid'),
/* The username & password for the service account that will bind to LDAP */
'auth.ldap.search.username' => 'ldap credentials username',
'auth.ldap.search.password' => 'ldap credentials password',
/* TLS configuration */
'auth.ldap.tls.cacertfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.certfile' => __DIR__ . '/../cert/Google_crt.crt',
'auth.ldap.tls.keyfile' => __DIR__ . '/../cert/Google_key.key',
/* Debug level - helpful during setup */
'auth.ldap.debug' => true,
);
Reply all
Reply to author
Forward
0 new messages