LDAP Groups not functional

Hi All,
I’ve set up rocketchat and have a basic LDAP setup - the next step of my deployment is to have channels based on LDAP user group.

I can successfully log in when I have “Sync LDAP groups” disabled but cannot log in with it enabled.

My LDAP server is an Active Directory server running on Server 2016.

Here are my settings -

User Group Filter -
(&(objectCategory=Person)(sAMAccountName=#{username})(memberOf:1.2.840.113556.1.4.1941:=cn=#{groupName},OU=Protected Groups,OU=Administrative Groups,OU=Gatekeeper,DC=DOMAIN,DC=net))

LDAP Group BaseDN -
dc=DOMAIN,dc=net

User Data Group Map -
{"Domain Admins":"admin","Domain Users":"user"}

LDAP Group Channel Map -
{"Domain Users":"announcements"}

Server Setup Information

  • Version of Rocket.Chat Server: 2.4.1
  • Operating System: rocket.chat docker container installed on CentOS
  • Deployment Method: Docker
  • Number of Running Instances: 1
  • DB Replicaset Oplog: Enabled
  • NodeJS Version: 8.15.1 - x64
  • MongoDB Version: 4.0.16
  • Proxy: NGINX
  • Firewalls involved: Yes

Any additional Information

Logs taken from Rocketchat server -
Exception while invoking method 'login' TypeError: Cannot read property 'searchAllSync' of undefined
    at isUserInLDAPGroup (app/ldap/server/sync.js:34:22)
    at mapLdapGroupsToUserRoles (app/ldap/server/sync.js:252:7)
    at syncUserData (app/ldap/server/sync.js:344:20)
    at addLdapUser (app/ldap/server/sync.js:458:2)
    at MethodInvocation. (app/ldap/server/loginHandler.js:150:17)
    at tryLoginMethod (packages/accounts-base/accounts_server.js:460:31)
    at tryLoginMethod (packages/accounts-base/accounts_server.js:1294:14)
    at AccountsServer._runLoginHandlers (packages/accounts-base/accounts_server.js:458:22)
    at AccountsServer.Accounts._runLoginHandlers (app/lib/server/lib/loginErrorMessageOverride.js:7:35)
    at MethodInvocation.methods.login (packages/accounts-base/accounts_server.js:518:31)
    at maybeAuditArgumentChecks (packages/ddp-server/livedata_server.js:1771:12)
    at DDP._CurrentMethodInvocation.withValue (packages/ddp-server/livedata_server.js:719:19)
    at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1234:12)
    at DDPServer._CurrentWriteFence.withValue (packages/ddp-server/livedata_server.js:717:46)
    at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1234:12)
    at Promise (packages/ddp-server/livedata_server.js:715:46)
    at new Promise ()
    at Session.method (packages/ddp-server/livedata_server.js:689:23)
    at packages/ddp-server/livedata_server.js:559:43

Any help would be much appreciated.

I have the same problem with AD 2012R2.
Look here

and here

I also wrote some info on an existing GitHub pull request but haven’t gotten any answer.

I had the same error message and some others like User still exists.
So far I haven’t gotten any support.

Thanks for your response, it seems that some people are successfully deploying RocketChat with AD but some people are also facing issues.
Unsure how to proceed as I’d like to get RocketChat implemented for our company but cannot implement the groups with AD.

Disappointing as we’d look to buy the enterprise versions once this is deployed.


Yes, we have the same problem. We want to test rocket chat and if it runs smoothly we will think about the enterprise version, but with these problems we can’t implement rocket chat.

Are we the only ones who have these problems? I can’t imagine that this is a config problem…?


These are my settings… “INTERNAL SERVER ERROR”