I have recently tried to configure LDAP on my SugarCRM Enterprise instance by following the documentation (https://support.sugarcrm.com/Knowledge_Base/Password_Management/Configuring_LDAP_Authentication_Using_Active_Directory/), with little success. After configuring it with the details of our LDAP server, and trying to log in as an LDAP user, I can find the following in the logs, which seem to indicate that the configurations are simply ignored:
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'system_ldap_enabled' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_hostname' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_port' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_base_dn' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_login_filter' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_bind_attr' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_login_attr' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group_dn' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group_name' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group_user_attr' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group_attr' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_authentication_checkbox' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_admin_user' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_auto_create_users' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_enc_key' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group_attr_req_dn' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_group' from POST
Wed Mar 4 11:49:17 2020 [23195][1][DEBUG] Skipping unknown config key 'ldap_authentication' from POST
And following that, there is the following logs which I believe simply shows the udpates done to the database (changed private information where applicable):
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"system","2":"ldap_enabled","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":1,"2":"system","3":"ldap_enabled","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"hostname","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"hostname.domain.com","2":"ldap","3":"hostname","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"port","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"389","2":"ldap","3":"port","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"base_dn","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"OU=Users,DC=domain,DC=com","2":"ldap","3":"base_dn","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"login_filter","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:22 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"login_filter","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"bind_attr","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"userPrincipalName","2":"ldap","3":"bind_attr","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"login_attr","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"sAMAccountName","2":"ldap","3":"login_attr","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group_dn","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"group_dn","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group_name","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"group_name","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group_user_attr","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"group_user_attr","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group_attr","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"group_attr","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"authentication_checkbox","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"on","2":"ldap","3":"authentication_checkbox","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"admin_user","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"binduser@domain.com","2":"ldap","3":"admin_user","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"auto_create_users","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"1","2":"ldap","3":"auto_create_users","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"enc_key","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"","2":"ldap","3":"enc_key","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group_attr_req_dn","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":0,"2":"ldap","3":"group_attr_req_dn","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"group","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":0,"2":"ldap","3":"group","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: SELECT COUNT(*) AS the_count FROM config WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":"ldap","2":"authentication","3":""}\nTypes: {"1":2,"2":2,"3":2}
Wed Mar 4 11:49:23 2020 [23195][1][INFO] Query: UPDATE config SET value = ? WHERE (category = ?) AND (name = ?) AND ((platform = ?) OR (platform IS NULL))\nParams: {"1":1,"2":"ldap","3":"authentication","4":""}\nTypes: {"1":2,"2":2,"3":2,"4":2}
This is all the logging information I got concerning LDAP. No actual error/fatal logs could be found. To add to it, I ran a TCPDump packet capture when trying to log in after setting those configurations up, but there was no information related to LDAP, port 389, or my LDAP server IP that was captured.
Because of this issue, I am not only unable to log in using LDAP, but it seems to disable local credentials log in as well, as I am no longer able to log in as other non-LDAP users.
I am using the following software versions:
- Ubuntu 18.04.2 LTS
- SugarCRM Enterprise v9.0.1 (build 176) (Spring '19)
- Apache/2.4.29 (Ubuntu)
- PHP 7.1.32-1
I'm not quite sure what to do from here to troubleshoot this issue, and would like some advice of where to look.