Our all apps are using openldap1.2.4 for authentication, so we’d like integrate metabase with ldap too.
unfortunately, we got:
password: did not match stored password
I’m pretty sure that user dn, search base dn are correct, I also set email , givenname and sn for users on our ldap server.
I have tried theses filters:
still get same error.
Then, I don’t have any more clue to figure out.
how do I get more details? Or any suggestions?
I just saw this https://www.metabase.com/enterprise/pricing.html, does it mean only enterprise supports ldap authentication?
No, it’s just a pain to get it to work.
The LDAP (and Google Sign-In) are part of the Community Edition:
Do you see more details in the Metabase log (Admin > Troubleshooting > Logs) or on the LDAP server?
Have you tried to enable debug logging on the LDAP server and see if the Metabase lookup filter matches other programs?
Finally, it works! what I want to share are:
- ensure your ldap entry has these attributes: email, givenName, sn.
- email value must match email format.
- openldap’s email attribute is actually named “mail”, instead of “email”. Even phpLDAPAdmin show it as “email”.