Passbolt Active Directory Integration

Hi people,
I’m trying to configure Active Directory integration with my Passbolt Pro free trial before I buy the subscription. I have configured my Active Directory settings, and when I try “Simulate Synchronization”, I get this error:

Error: The synchronization failed. ldap_search(): Search: Operations error.

My second question is about Active Directory Authentication. I found this in the docs. I’m running Passbolt Pro with the free trial.

Limitations:

The LDAP plugin doesn’t support nested groups in the current version. This improvement will be added later, once groups inside groups is supported by Passbolt.

A delegated authentication (such as using a LDAP user password as replacement of the passphrase) is currently not supported (and is not a trivial problem) but could still be considered in the future. If you are interested in this feature you can join the discussion on the community forum…

Does this mean that Active Directory authentication is not supported?

Thanks in advance. Best.
Herlit

Hello @herlit, welcome to the forum.

Is the server able to reach the AD/OpenLDAP server?

Also, since you are on a PRO trial, you can reach us here as we may need some screenshots of your settings etc.

Hi Antony.
The server can reach my AD. My question is whether Passbolt Pro supports on-premise AD authentication.
And have you seen a configuration like the following in passbolt.php that makes LDAP/AD authentication work?
    return [
        'passbolt' => [
            // existing Passbolt configurations, such as database, email, etc.

            'ldap' => [
                'enabled' => true,
                'type' => 'ad',
                'url' => 'ldaps://your-ad-server.example.com',
                'bind_dn' => 'CN=your_bind_user,OU=Users,DC=example,DC=com',
                'bind_password' => 'bind_user_password',
                'base_dn' => 'DC=example,DC=com',
                'username_attribute' => 'sAMAccountName',
                'user_filter' => '(&(objectClass=user)(memberof=CN=PassboltUsers,OU=Groups,DC=example,DC=com))',
            ],
        ],
    ];

Thanks
Herlit