Error: The supplied credential is invalid in LDAP Authentication Plugin

Hello, I am trying to set the ldap-auth plugin to be on all apis.
My configuration for this plugin is:

curl -X POST http://localhost:8001/plugins/
--data "name=ldap-auth" 
--data "config.hide_credentials=false" 
--data "config.ldap_host=10.180.20.1" 
--data "config.ldap_port=389" 
--data "config.base_dn=OU=Employees,OU=COMPANY-USERS,DC=test,DC=com" 
--data "config.attribute=cn" 
--data "config.cache_ttl=60"

I consume the api using

curl -H "Authorization: LDAP <base64(cn:password)>" http://localhost:8000/details/

Everything from here is working fine, But when i set the config.attribute=samaccountName
The kong logs gives me

Error: The supplied credential is invalid.
Details: 80090308: LdapErr: DSID-0C0903D0, comment: AcceptSecurityContext error, data 52e, v2580

Attribute that works are cn and name but anything else do not like samaccountName or email.

Hello,

What you are describing should in fact work.

Just to clarify: can you confirm after changing the attribute to samaccountName, you also changed the base64 calculation used in curl so that it used samaccountName instead of cn?

Thanks for responding,

I did change it so be the base64(samaccountname:password) and it is still giving me the same error.
I am not sure if there is other place i should be looking at. I have tested the samaccountname with the a python code to authenticate and it was working fine.

I do have the same issue, Any updates on this?

I also got the same error when using the attribute “sAMAccountName”
Anyone can help?

Kong version: 1.1.2

Hello,

I have the same issue.
I think the kong ldap plugin is considering only CN attributes. I

I’ve opened an issue on github:

Hope someone will fix it

Hello guys!

I have the same issue to configure the plugin.

Can someone help me, please?