• Login
  • Register
    • Login Register
    Login
    Username/Email:
    Password:
    Or login with a social network below
  • Forum
  • Website
  • GitHub
  • Status
  • Translation
  • Features
  • Team
  • Rules
  • Help
  • Feeds
User Links
  • Login
  • Register
    • Login Register
    Login
    Username/Email:
    Password:
    Or login with a social network below

    Useful Links Forum Website GitHub Status Translation Features Team Rules Help Feeds
    Jellyfin Forum Support Troubleshooting Jellyfin 10.9-unstable: No LDAP Login

    Pages (2): 1 2 Next »

     
    • 0 Vote(s) - 0 Average

    Jellyfin 10.9-unstable: No LDAP Login

    LDAP login doesn't work with Jellyfin 10.9, but it does with 10.8.13. Could this be a bug?
    pixel24
    Offline

    Member
    Posts: 193
    Threads: 55
    Joined: 2023 Aug
    Reputation: 1
    Country:Germany
    #1
    2024-03-15, 09:53 AM
    Hello everyone,

    We have a Univention server here (UCS 5.0.7) configured as ADS, providing users/groups. My JF 10.8.13 is connected to it, and LDAP user login works. Now, I've installed a test VM with Debian 12.5 and JF 10.9-unstable. However, LDAP login doesn't work anymore. I configured the LDAP connection in 10.9 as follows, and all tests in the plugin configuration return correct values.


    Code:
    LDAP Server:                    srv01.lan.example.de
    LDAP Port:                      7636
    Secure LDAP:                    [x]
    StartTLS:                      [ ]

    Skip SSL/TLS Verification:      [x]
    Allow Password Change:          [ ]

    LDAP Bind User:                uid=ldapbind,cn=users,dc=lan,dc=example,dc=de
    LDAP Bind User Password:        secret

    LDAP Base DN for searches:      dc=lan,dc=example,dc=de


    -> Save und test LDAP-Server-Settings -> Connect (Success); Bind (Success); Base Search (Found 873 Entities)



    LDAP Search Filter:            (memberOf=cn=JellyfinUsers,cn=groups,dc=lan,dc=example,dc=de)
    LDAP Search Attributes:        uid, cn, mail, displayName
    LDAP Uid Attribute:            uid
    LDAP Username Attribute:        uid
    LDAP Password Attribute:        userPassword
    LDAP Admin Base DN:            (cn=Administrators,cn=Builtin,dc=lan,dc=example,dc=de)
    LDAP Admin Filter:              (&(objectClass=posixAccount)(|(memberOf=cn=Domain Admins,cn=groups,dc=lan,dc=example,dc=de)(memberOf=cn=Administrators,cn=Builtin,dc=lan,dc=example,dc=de)))
    Enable Admin Filter 'memberUid' mode: [x]

    -> Test and save LDAP-Filter-Settings -> Found 4 user(s), 2 admin(s), Warning: Not all Admins are Users


    Test Login Name:                s.example

    -> Sace Search Attribute Settings and Query User -> Found user: uid=s.example,cn=users,dc=lan,dc=example,dc=de


    Enable User Creation:          [x]

    Zugriff auf alle Bibliotheken zulassen:    [ ]

    Unfortunately, the Jellyfin log file provides little insight into the reasons for the failure:
    Code:
    [2024-03-15 10:27:21.507 +01:00] [INF] Authentication request for "s.example" has been denied (IP: "192.168.83.141").

    [2024-03-15 10:27:21.510 +01:00] [ERR] Error processing request: "Invalid username or password entered". URL "POST" "/Users/authenticatebyname".
    sjorge
    Offline

    Junior Member
    Posts: 16
    Threads: 0
    Joined: 2023 Nov
    Reputation: 0
    Country:Belgium
    #2
    2024-03-15, 10:13 AM
    I'm pretty sure none of the plugins are build for 10.9-unstable. And LDAP Auth is a plugin.
    pixel24
    Offline

    Member
    Posts: 193
    Threads: 55
    Joined: 2023 Aug
    Reputation: 1
    Country:Germany
    #3
    2024-03-15, 10:24 AM
    Hm, okay. Since the configuration within the LDAP plugin significantly deviates from the version for 10.8.x, I thought the plugin had already been adapted.
    Where can I report the error?
    A manual LDAPSEARCH on the Debian machine where Jellyfin is running with the same binding data correctly returns the users of the JellyfinUsers group:

    Code:
    ldapsearch -D "uid=ldapbind,cn=users,dc=lan,dc=example,dc=de" -W -H ldap://srv01.lan.example.de:7389 -b "cn=users,dc=lan,dc=example,dc=de" "(&(objectClass=*)(memberOf=cn=JellyfinUsers,cn=groups,dc=lan,dc=example,dc=de))"

    So, the configuration is correct. This also aligns with all three test functions in the plugin delivering correct values.
    crobibero
    Offline

    Core Team (Server & Plugins)
    Posts: 223
    Threads: 0
    Joined: 2023 Jun
    Reputation: 16
    Country:United States
    #4
    2024-03-15, 12:04 PM
    There is no need to report. Plugins are not supported for prerelease versions of Jellyfin.
    pixel24
    Offline

    Member
    Posts: 193
    Threads: 55
    Joined: 2023 Aug
    Reputation: 1
    Country:Germany
    #5
    2024-03-15, 12:42 PM
    Sure, thank you. Since it's a test environment that will be deleted once the final version 10.9 is released, I'll create the users locally to test Jellyfin itself.

    But how do plugin developers manage to have their plugins working until the release of Jellyfin 10.9?
    pixel24
    Offline

    Member
    Posts: 193
    Threads: 55
    Joined: 2023 Aug
    Reputation: 1
    Country:Germany
    #6
    2024-03-28, 06:57 AM
    Good news. With the Plug-In-Unstable-Repo, the integration with my LDAP/Kerberos/Samba - ADS (Univention) is working again. I'll run a few more tests here, but it looks promising. Thanks!
    Duvel
    Offline

    Junior Member
    Posts: 41
    Threads: 7
    Joined: 2023 Jul
    Reputation: 2
    Country:Belgium
    #7
    2024-05-01, 12:17 PM (This post was last modified: 2024-05-01, 12:31 PM by Duvel. Edited 3 times in total.)
    (only belgians and germans here Grinning-face )

    Got the same issue.
    I suppose that to get the unstable ldap pluggin you should manually add a new repository ???

    (2024-03-15, 12:04 PM)crobibero Wrote: There is no need to report. Plugins are not supported for prerelease versions of Jellyfin.
    I just dont understand your stance... why shouldn't we report a plugin issue.
    I mean, there are totally accessory plugins, and totally NEEDED plugins for some installs.
    IE all people relying on an ldap directory for their user management absolutely need the ldap pluggin to work and if it doesnt it means that Jellyfin is broken for them on 10.9 stable release.

    And btw, if you consider that plugins are somewhat not important, then LDAP and OpenID shouldn't be a pluggin but bundled into the core  because they are essential components for large installations offering various services to dozens of users
    Duvel
    Offline

    Junior Member
    Posts: 41
    Threads: 7
    Joined: 2023 Jul
    Reputation: 2
    Country:Belgium
    #8
    2024-05-01, 12:26 PM (This post was last modified: 2024-05-01, 12:34 PM by Duvel. Edited 1 time in total.)
    *to delete* double post
    crobibero
    Offline

    Core Team (Server & Plugins)
    Posts: 223
    Threads: 0
    Joined: 2023 Jun
    Reputation: 16
    Country:United States
    #9
    2024-05-01, 12:28 PM
    This was announced in multiple places.

    https://jellyfin.org/posts/testing-10.9.0
    Duvel
    Offline

    Junior Member
    Posts: 41
    Threads: 7
    Joined: 2023 Jul
    Reputation: 2
    Country:Belgium
    #10
    2024-05-01, 12:32 PM (This post was last modified: 2024-05-01, 12:33 PM by Duvel. Edited 1 time in total.)
    ok but that's not a reason to tell us that we shouldnt report this !
    At least this forum thread helped me to find what my issue was so I am glad it is here
    Pages (2): 1 2 Next »

    « Next Oldest | Next Newest »

    Users browsing this thread: 8 Guest(s)


    • View a Printable Version
    • Subscribe to this thread
    Forum Jump:

    Home · Team · Help · Contact
    © Designed by D&D - Powered by MyBB
    L


    Jellyfin

    The Free Software Media System

    Linear Mode
    Threaded Mode