I’m evaluation Auth0 for our customers and i’m unable to login with my LDAP users created using openldap,:
1.) i’m able to search and also find the users with ldapsearch but when i login into auth0 login portal with ldap uid and password its returning me an error as “invalid username” what should i use while logging in into the Auth0 username/password ? The below mentioned is the error received when i try to provide the ldap user userrane and password in the Auth0 ldapconnector try portal for login:
[2022-10-10 06:52:23] latency test took avg: 202.07 ms, max: 430.5 ms, min: 153.66 ms
[2022-10-10 06:53:02] user userrane: Starting authentication attempt.
[2022-10-10 06:53:02] user userrane: Authentication attempt failed. Reason: wrong username
2.) When I run the troubleshoot.js it returns the following error:
06:32:35 - error: > Error: Unable to find users. Verify the permissions for the current user.
06:32:35 - info: Done!
The details of server.js, ldap users created. login error and also the troubleshoot logs are mentioned below
node server.js
[root@ip-172-31-93-200 auth0-adldap]# node server.js
[2022-10-10 06:31:51] Reading CA certificates from OPENSSLDIR
[2022-10-10 06:31:51] (node:22844) Warning: Accessing non-existent property ‘padLevels’ of module exports inside circular dependency
(Use node --trace-warnings ... to show where the warning was created)
[2022-10-10 06:31:51] Reading CA certificates from /etc/pki/tls/certs
[2022-10-10 06:31:51] Adding 2 certificates
[2022-10-10 06:31:51] Loading settings from ticket:
[2022-10-10 06:31:51] Is Anonymous LDAP search enabled? yes
[2022-10-10 06:31:51] Local settings updated.
[2022-10-10 06:31:51] Certificates already exist, skipping certificate generation.
[2022-10-10 06:31:51] Configuring connection IFFAD.
[2022-10-10 06:31:51] > Posting certificates and signInEndpoint: link
[2022-10-10 06:31:52] Connection IFFAD configured.
[2022-10-10 06:31:52] Connector setup complete.
[2022-10-10 06:31:52] Connecting to websocket…
[2022-10-10 06:31:52] Connecting to
[2022-10-10 06:31:52] Connected to websocket
[2022-10-10 06:31:52] auth0: Agent accepted.
[2022-10-10 06:31:53] latency test took avg: 175.64 ms, max: 204 ms, min: 151.53 ms
[2022-10-10 06:53:02] user userrane: Starting authentication attempt.
[2022-10-10 06:53:02] user userrane: Authentication attempt failed. Reason: wrong username
troubleshoot.js
[root@ip-172-31-93-200 auth0-adldap]# node troubleshoot
Troubleshooting AD LDAP connector
Reading CA certificates from OPENSSLDIR
(node:22859) Warning: Accessing non-existent property ‘padLevels’ of module exports inside circular dependency
(Use node --trace-warnings ... to show where the warning was created)
Reading CA certificates from
Adding 2 certificates
06:32:34 - info: No proxy server configured.
06:32:34 - info: ✭ Testing connectivity to Auth0…
06:32:34 - info: > Test endpoint:
06:32:34 - info: 
Connection to test endpoint succeeded.
06:32:34 - info: ✭ Testing hub connectivity (WS).
06:32:34 - info: Connection to hub succeeded.
06:32:34 - info: ✭ Testing clock skew…
06:32:34 - info: Everything OK. No clock skew detected.
06:32:34 - info: ✭ Testing certificates…
06:32:34 - info: > Local thumbprint: 1aba73f4c701deeeedc1e78267bdf016274e5306
06:32:35 - info: > Server thumbprint: 1aba73f4c701deeeedc1e78267bdf016274e5306
06:32:35 - info: Local and server certificates match.
06:32:35 - info: ✭ Running NLTEST…
06:32:35 - warn: > NLTEST can only run on Windows.
06:32:35 - info: ✭ Testing SSL connectivity to LDAP.
06:32:35 - info: ✭ Testing LDAP connectivity.
06:32:35 - info: > LDAP BASE: dc=acme,dc=com
end
06:32:35 - error: > Error: Unable to find users. Verify the permissions for the current user.
06:32:35 - info: Done!
config.json
{
“LDAP_BASE”: “dc=acme,dc=com”,
“LDAP_URL”: “”,
“AD_HUB”: “”,
“PROVISIONING_TICKET”: “”,
“WSFED_ISSUER”: “urn:dev-ft3-x824”,
“CONNECTION”: “IFFAD-Config”,
“LDAP_SEARCH”: true,
“CLIENT_CERT_AUTH”: true,
“KERBEROS_AUTH”: true,
“FIREWALL_RULE_CREATED”: true,
“REALM”: “urn:auth0:dev-ft3-x824”,
“SITE_NAME”: “IFFAD-Config”,
“urn:auth0:dev-ft3-x824”: “”,
“LDAP_BIND_USER”: “cn=Manager,dc=acme,dc=com”,
“SERVER_URL”: “”,
“LAST_SENT_THUMBPRINT”: “1aba73f4c701deeeedc1e78267bdf016274e5306”,
“TENANT_SIGNING_KEY”: “-----BEGIN CERTIFICATE-----\r\nMIIDDTCCAfWgAwIBAgIJBxFKqy2PCxS4MA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV\r\nBAMTGWRldi1mdDMteDgyNC51cy5hdXRoMC5jb20wHhcNMjIwOTI4MTcwMTI1WhcN\r\nMzYwNjA2MTcwMTI1WjAkMSIwIAYDVQQDExlkZXYtZnQzLXg4MjQudXMuYXV0aDAu\r\nY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cxg3gJsvGCZPf1m\r\ntbtNxeB4C4yCVbYve5JnzN+G0T+HW9f3fjM9k4rwwe182+PRyi0nN0M1nUGt3kOM\r\ntuGfBLPEF5WZ+XNTwY0PntNRZNZn0fgYgHQyj3FhGj2N38tFOJDz195YZDPA25wn\r\nInD9WqjXCn61uXPqK+q+AE6scvgpBnWngG3gQUn4OfimQXjSzdtAPgXNoTh/7Kl3\r\nlIxYpIV5LqAsHVUJ/1Q3mCOAOXTIrjM15M0ES9ZLdzWbwvvEK/wlUw/kI3+tDV0O\r\nmp77bs34bRzlvgAesI8z/RhQJ+/YQqGV7OeigQc3k1toVkbSUdxlYP5KEeu0/O0x\r\ni2mo6wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRyPQtnTlPe\r\nC4Q4MVMt1uy1S1AcDDAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEB\r\nALLNsDKbwFY4IUDHTzfwC4TfZzXDOO5404n9lTi535mGKzdZD/Mvd7di3Ykwllpv\r\nv63eCUVOps7rytT3lMrOn1fu3c6gsqUjwdNi69RrM6ArNSeYKUgnbih0Bs7CD/w5\r\nagEaNQFSqoK1IdSKc9orzIjfw/F6oA2/RSFWjn+Czbj0hZo6cUf4EzMN+Up+fLqz\r\nL/RPqdCzMLU4oo7Cxme1dxntQOQmz123XS67PNqOyFJb5fdDcinkowQJJs4G1j0k\r\nS6H3OshkyptQ/gnJ5I/GB65qkNXdjpulkGiKKtTC3bK9qgUtKisMc1FjiSu36ro5\r\n8yyoahZCo7ARMWxTIKCud6c=\r\n-----END CERTIFICATE-----\r\n”,
“LDAP_BIND_CREDENTIALS”: “$2$.f6a0e498746178f85f8d6661bd62ca67.e762ab109c78916d8fa3a78b58c8db01.326d47bcf404e597a9a21f285b85961e”
}
ldapsearch
[ec2-user@ip-172-31-93-200 ~]$ ldapsearch -H ldap: -x -D “cn=Manager,dc=acme,dc=com” -W
Enter LDAP Password:
extended LDIF
LDAPv3
base <dc=acme,dc=com> (default) with scope subtree
filter: (objectclass=*)
requesting: ALL
acme com
dn: dc=acme,dc=com
objectClass: dcObject
objectClass: organization
dc: acme
o: acme
Users, acme com
dn: ou=Users,dc=acme,dc=com
objectClass: organizationalUnit
ou: Users
Engineering, Users, acme com
dn: cn=Engineering,ou=Users,dc=acme,dc=com
cn: Engineering
objectClass: groupOfNames
member: cn=Bob Jones,ou=Users,dc=acme,dc=com
member: cn=Al Smith,ou=Users,dc=acme,dc=com
member: cn=AlSmith,ou=Users,dc=acme,dc=com
member: cn=BobJones,ou=Users,dc=acme,dc=com
JohnJones, Users, acme com
dn: cn=JohnJones,ou=Users,dc=acme,dc=com
cn: JohnJones
sn: Jones
userPassword:: am9uZXM=
objectClass: person
objectClass: organizationalPerson
Engineering, Users, acme com
dn: ou=Engineering,ou=Users,dc=acme,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
cn: Ranga
sn: James
userPassword:: cGFzc3dvcmQ=
ou: Engineering
userrane, Users, acme com
dn: uid=userrane,ou=Users,dc=acme,dc=com
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
cn: user rane
sn: rane
uid: userrane
userPassword:: cGFzc3dvcmQ=
search result
search: 2
result: 0 Success