LDAP authentication malfunctioning with valid credentials

Hey, sorry, I didn’t notice your messages.

Make sure you have “flowLdap” user in the actual LDAP instance. Also make sure other entries in that list are equal to the configuration from the LDAP user. Everything must match. If the problem persists, I will pass you the complete configuration with AD.

@fiki574

Thanks for the response. I already tried that and the problem still exists. It would be helpful if you could provide the complete configuration with LDAP.

Okay so, this is part of my docker-compose.yml in charge of the Flowable All in One image and LDAP stuff. This works perfectly. However, I’m unable to give you any specific LDAP/AD info as I don’t administrate it nor have direct access to it. That part you have to preconfigure yourself.

container_name: flowable-bpm
image: flowable/all-in-one:latest
restart: unless-stopped
environment:
  FLOWABLE_CONTENT_STORAGE_ROOT-FOLDER: /data
  FLOWABLE_COMMON_APP_IDM-REDIRECT-URL: http://flowable.int.domain.net/flowable-idm
  FLOWABLE_COMMON_APP_IDM-URL: http://flowable.int.domain.net/flowable-idm
  SPRING_DATASOURCE_DRIVER-CLASS-NAME: org.postgresql.Driver
  SPRING_DATASOURCE_URL: jdbc:postgresql://flowable-postgres:5432/flowable
  SPRING_DATASOURCE_USERNAME: flowable
  SPRING_DATASOURCE_PASSWORD: flowable
  FLOWABLE_IDM_LDAP_ENABLED: "true"
  FLOWABLE_IDM_LDAP_SERVER: ldap://192.168.0.1
  FLOWABLE_IDM_LDAP_PORT: 389
  FLOWABLE_IDM_LDAP_USER: cn=${LDAPUSER},ou=APP,dc=int,dc=company,dc=net
  FLOWABLE_IDM_LDAP_PASSWORD: ${LDAPPASS}
  FLOWABLE_IDM_LDAP_BASE_DN: dc=int,dc=company,dc=net
  FLOWABLE_IDM_LDAP_USER_BASE_DN: ou=company,dc=int,dc=company,dc=net
  FLOWABLE_IDM_LDAP_GROUP_BASE_DN: cn=Users,dc=int,dc=company,dc=net
  FLOWABLE_IDM_LDAP_QUERY_USER_BY_ID: (&(objectClass=user)(sAMAccountName={0}))
  FLOWABLE_IDM_LDAP_QUERY_ALL_USERS: (objectClass=user)
  FLOWABLE_IDM_LDAP_QUERY_USER_BY_FULL_NAME_LIKE: (&(objectClass=user)(|({0}=*{1}*)({2}=*{3}*)))
  FLOWABLE_IDM_LDAP_QUERY_GROUPS_FOR_USER: (&(objectClass=group)(member={0}))
  FLOWABLE_IDM_LDAP_QUERY_ALL_GROUPS: (objectClass=group)
  FLOWABLE_IDM_LDAP_QUERY_GROUP_BY_ID: (&(objectClass=group)(cn={0}))
  FLOWABLE_IDM_LDAP_ATTRIBUTE_USER_ID: sAMAccountName
  FLOWABLE_IDM_LDAP_ATTRIBUTE_FIRST_NAME: givenName
  FLOWABLE_IDM_LDAP_ATTRIBUTE_LAST_NAME: sn
  FLOWABLE_IDM_LDAP_ATTRIBUTE_EMAIL: mail
  FLOWABLE_IDM_LDAP_ATTRIBUTE_GROUP_ID: cn
  FLOWABLE_IDM_LDAP_ATTRIBUTE_GROUP_NAME: cn
  FLOWABLE_IDM_LDAP_CACHE_GROUP_SIZE: 10000
  FLOWABLE_IDM_LDAP_CACHE_GROUP_EXPIRATION: 180000
  FLOWABLE_IDM_APP_ADMIN_USER_ID: svgbf01
  FLOWABLE_IDM_APP_ADMIN_PASSWORD: ${REDACTED}
  FLOWABLE_IDM_APP_ADMIN_FIRST_NAME: Bruno
  FLOWABLE_IDM_APP_ADMIN_LAST_NAME: Fištrek
  FLOWABLE_IDM_APP_ADMIN_EMAIL: bruno.fistrek@company.hr
  FLOWABLE_COMMON_APP_IDM_ADMIN_USER: svgbf01
  FLOWABLE_COMMON_APP_IDM_ADMIN_PASSWORD: ${REDACTED}

Thanks @fiki574. The member attribute is not defined. Can you please tell me what member is?

Is this sAMAccountName or cn?

Sorry for late response.

It should literally be “member” in the configuration. You have to check your AD/LDAP instance to find some of this info out.
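To make concrete what the two filters in the docker-compose above do and why `member` stays literal, here is an added example (mine, not code from the forum or from Flowable) that replays Flowable's two-step lookup against a small constructed in-memory stand-in for the AD subtree: first `FLOWABLE_IDM_LDAP_QUERY_USER_BY_ID` under the user base DN, then `FLOWABLE_IDM_LDAP_QUERY_GROUPS_FOR_USER` under the group base DN. It assumes that `{0}` in the group query is filled with the DN of the user entry found in the first step, which is what an AD `member` attribute holds; the directory entries, the `escape` helper and `groups_for_login` are my own.

```python
import re

# Constructed stand-in for the AD subtree the compose file points at (not real data)
DIRECTORY = {
    "cn=Alice Example,ou=company,dc=int,dc=company,dc=net": {"objectclass": ["top", "user"],
        "samaccountname": ["aexample"], "givenname": ["Alice"], "sn": ["Example"]},
    "cn=Bob Example,ou=company,dc=int,dc=company,dc=net": {"objectclass": ["top", "user"],
        "samaccountname": ["bexample"], "givenname": ["Bob"], "sn": ["Example"]},
    "cn=Flowable Admins,cn=Users,dc=int,dc=company,dc=net": {"objectclass": ["top", "group"],
        "cn": ["Flowable Admins"], "member": ["cn=Alice Example,ou=company,dc=int,dc=company,dc=net"]},
    "cn=Flowable Users,cn=Users,dc=int,dc=company,dc=net": {"objectclass": ["top", "group"],
        "cn": ["Flowable Users"], "member": ["cn=Alice Example,ou=company,dc=int,dc=company,dc=net",
                                            "cn=Bob Example,ou=company,dc=int,dc=company,dc=net"]},
}
USER_BASE_DN = "ou=company,dc=int,dc=company,dc=net"        # FLOWABLE_IDM_LDAP_USER_BASE_DN
GROUP_BASE_DN = "cn=Users,dc=int,dc=company,dc=net"         # FLOWABLE_IDM_LDAP_GROUP_BASE_DN
QUERY_USER_BY_ID = "(&(objectClass=user)(sAMAccountName={0}))"
QUERY_GROUPS_FOR_USER = "(&(objectClass=group)(member={0}))"

def escape(value):
    """RFC 4515 escaping, so a typed login name cannot change the filter's structure."""
    return "".join(f"\\{ord(c):02x}" if c in "*()\\\0" else c for c in value)

def parse(f, i=0):
    """Parse the filter subset the config uses: (&...), (|...) and (attr=value)."""
    assert f[i] == "(", f
    i += 1
    if f[i] in "&|":
        op, kids, i = f[i], [], i + 1
        while f[i] == "(":
            node, i = parse(f, i)
            kids.append(node)
        return (op, kids), i + 1          # skip the closing ')'
    j = f.index(")", i)
    attr, val = f[i:j].split("=", 1)
    return ("=", attr.lower(), val), j + 1

def matches(node, entry):
    """Evaluate a parsed filter; '*' in a value is a wildcard, '\\xx' a literal byte."""
    if node[0] in "&|":
        return (all if node[0] == "&" else any)(matches(k, entry) for k in node[1])
    parts = [re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m[1], 16)), p, flags=re.I)
             for p in node[2].split("*")]
    rx = ".*".join(re.escape(p) for p in parts)
    return any(re.fullmatch(rx, v, re.I) for v in entry.get(node[1], []))

def search(base_dn, filt):
    """Subtree search: entries at or below base_dn that satisfy filt."""
    node, _ = parse(filt)
    return [dn for dn, attrs in DIRECTORY.items()
            if dn.lower().endswith(base_dn.lower()) and matches(node, attrs)]

def groups_for_login(login):
    """Step 1: user by sAMAccountName. Step 2: groups whose member attribute holds that user's DN."""
    users = search(USER_BASE_DN, QUERY_USER_BY_ID.format(escape(login)))
    if len(users) != 1:                   # unknown or ambiguous login: no groups
        return None
    groups = search(GROUP_BASE_DN, QUERY_GROUPS_FOR_USER.format(escape(users[0])))
    return sorted(DIRECTORY[g]["cn"][0] for g in groups)
```

If the second step returns nothing for a real user, the usual cause is that the group entries under the group base DN carry the user in a different attribute than `member`, or that the group base DN does not actually contain the groups; an `ldapsearch` with the same base and filter will show which.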

No reply…?

Right, but unfortunately I don’t have time to set up OpenLDAP and do trial and error.

I have an Active Directory, and that authentication only works for the IDM application, whereas other apps get redirected to the IDM login screen.