Have Working LDAPS Service Account, So, Why Can't I Use That Account to Login Users

BrettSh 1 Reputation point

I have setup LDAPS by basically following these steps:


Plus, I have created a service account that allows me to extract user information.

The client stack is Linux, NGINX, PHP Drupal CMS.

If I create a query within Drupal with the following parameters I get one correct result:
base_dn_str = DC=myname,DC=onmicrosoft,DC=com
filter = (&(objectClass=user)(userprincipalname=member1@Dhiarya137 .onmicrosoft.com))

So, service account binding and user principal name must be OK.

However, I can't use the service account to login as member1 (or any other) user. I've got the Drupal log setting at debug and this is what I see:
member1@Dhiarya137 .onmicrosoft.com : Trying server ldapserver where bind_method = 1. Error: Success
member1@Dhiarya137 .onmicrosoft.com : Authentication result id=0 auth_result=3 (Sorry, unrecognized username or password.)

The username (member1@Dhiarya137 .onmicrosoft.com) is valid and I've tested the password elsewhere so I know that is correct.

I've posted a question about this on the Drupal forum a week ago, but haven't had a response.

Any suggestions?

Thank you in advance.



Microsoft Entra
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Frank Hu MSFT 81 Reputation points

    Hey @BrettSh it looks like you're using the CN but per this Drupal post :
    You actually should be using the uid. Can you try using the UID for your Drupal LDAPS connection and seeing if that works properly?

    This looks like it must be some sort of issue with Drupal to LDAPS configuration.

    If that doesn't work, try getting a network trace or posting this on the Drupal Forums for more engagement as this is an issue with the Drupal CMS LDAP config.

    1 person found this answer helpful.
    0 comments No comments