Integrate an LDAP account database with Taiga

The hacky solution I’m currently thinking of:

The taiga-docker setup uses an Nginx reverse proxy (taiga-gateway) that handles all the HTTP requests. You could probably configure Nginx to redirect /forgot-password to the link to reset the LDAP password.

Untested setup instructions

  1. I assume you have the taiga-docker repository cloned somewhere on the server you’re hosting Taiga on.

  2. Edit the file taiga-gateway/taiga.conf in that repository: Insert the following things above # Frontend:

    # Send the built-in "forgot password" page to the external LDAP password reset page
    location /forgot-password {
        return https://example.com/wherever-your-password-reset-page-is;
    }
    
  3. Replace https://example.com/wherever-your-password-reset-page-is with the URL of the password reset page you want to use

  4. Use docker compose down; docker compose up -d to restart

I haven’t tested the instructions, but this is what I’d try.

Thank you, I will try this and update you! We are using nginx, but not dockerized, but I think it is a very good trick and should work.

There is no “easy” way that does not involve a rebuild of the code of the frontend and a rebuild of the customized taiga-front docker image.

Using the taiga-gateway, or an external nginx, to do the “magic” seems the most straightforward solution.

The above technique worked; now forgot password redirects to our required page! Thanks

Hi dear @TuringTux

I have recently installed the updated Taiga version 6.7. This LDAP plugin is loaded, but I am not able to log in with LDAP credentials. No logs observed. The same plugin is working on our Taiga 6.5.

Can you please advise?

I just checked my instance, I think I am running Taiga 6.7.0 (via Docker).

I have intermittent login problems, which are fixed for a short while if I recreate the containers. I haven’t yet had time to investigate this more closely.

If restarting the entire instance fixes login for you, we might have the same problem.

Good day, can I ask you for help in solving the integration of LDAP and Taiga? I looked through your instructions, but unfortunately I did not achieve success.

Hello!

Sure, I can try to help you to the extent I’m capable.

What exactly have you done? Which commands did you execute? Do you have a link to the guide you followed?

Are there any error messages or logs you can share?

Hi bro,

Restartin

Hi bro,

I have restarted the VPS, but it does not solve my problem. No LDAP-related logs are being generated.

LDAP Configuration in config.py

    INSTALLED_APPS += ["taiga_contrib_ldap_auth_ext"]
    LDAP_SERVER = "ldap://sso.mydomain.com"
    LDAP_PORT = 389
    LDAP_BIND_DN = "CN=admin,DC=mydomain,DC=com"
    LDAP_BIND_PASSWORD = "password"
    LDAP_SEARCH_BASE = 'OU=people,DC=mydomain,DC=com'
    LDAP_USERNAME_ATTRIBUTE = "uid"
    LDAP_EMAIL_ATTRIBUTE = "mail"
    LDAP_FULL_NAME_ATTRIBUTE = "cn"
    LDAP_SAVE_LOGIN_PASSWORD = False
    LDAP_MAP_USERNAME_TO_UID = None

Hi Turing
I have deployed the latest Taiga on my server. I also want to set up the LDAP plugin on it. I have followed the same procedure as above, but no success.

Hi @Anzal_Ahmed,

what exactly did you do? Can I see your configuration files, maybe log files or a screenshot of the error message?

I haven’t yet come around to adding more logging (cc @Zohaib09, I haven’t forgotten about your problem), so I’m afraid I’ll probably have to stick to poking into the dark, sorry.

Kind regards
TuringTux

Sure @TuringTux
Firstly I executed

    source venv/bin/activate

(using the taiga user)

Then I ran

    pip install git+https://github.com/TuringTux/taiga-contrib-ldap-auth-ext-2.git

Here is my config.py

    INSTALLED_APPS += ["taiga_contrib_ldap_auth_ext"]
    LDAP_SERVER = "ldap://LDAP_SERVER_IP"
    LDAP_PORT = LDAP_PORT_NUMBER
    LDAP_BIND_DN = "CN=admin,DC=mydomain,DC=tech"
    LDAP_BIND_PASSWORD = "my_LDAP_PASSWORD"
    LDAP_SEARCH_BASE = 'OU=people,DC=mydomain,DC=tech'
    LDAP_USERNAME_ATTRIBUTE = "uid"
    LDAP_EMAIL_ATTRIBUTE = "mail"
    LDAP_FULL_NAME_ATTRIBUTE = "cn"
    LDAP_SAVE_LOGIN_PASSWORD = False
    LDAP_MAP_USERNAME_TO_UID = None

After that

    sudo systemctl restart taiga

No progress!

Hi @Anzal_Ahmed,

your backend config looks fine (although you can also just use pip install taiga-contrib-ldap-auth-ext to install the package).

Have you adjusted the frontend configuration (see https://github.com/Monogramm/taiga-contrib-ldap-auth-ext/blob/master/README.md#taiga-front-1)?

If not, that might be the reason why it doesn’t work.

Kind regards
TuringTux

Hello, I am trying to log in to my Taiga Docker installation with this procedure: GitHub - Monogramm/taiga-contrib-ldap-auth-ext: 🐍 Extended Taiga plugin for LDAP authentication

But when I try to connect with a user I get "POST /api/v1/auth HTTP/1.1" 401

How can I see where the problems are? Is this the better solution?

Thanks for your help

Currently, it is very hard to see the problems (as the plugin does not really have a lot of logging), so I sadly can only help debugging by guessing:

Do you use Docker?

If so, can you give me the output of the frontend configuration? A command like this should work (you might need to replace taiga-taiga-front-1 with the name of the container it is called for you, you can find it using docker compose ps):

    docker exec -it taiga-taiga-front-1 cat /usr/share/nginx/html/conf.json

I often missed configuring this when setting the plugin up on my own.

Also, can you have a look at the network inspector, and tell me the exact response (JSON) of the POST request?

This:

    {
        "api": "https://url/api/v1/",
        "eventsUrl": "wss://url/events",
        "baseHref": "/",
        "eventsMaxMissedHeartbeats": 5,
        "eventsHeartbeatIntervalTime": 60000,
        "eventsReconnectTryInterval": 10000,
        "debug": true,
        "debugInfo": true,
        "defaultLanguage": "en",
        "themes": ["taiga"],
        "defaultTheme": "taiga",
        "defaultLoginEnabled": true,
        "publicRegisterEnabled": false,
        "feedbackEnabled": true,
        "supportUrl": "https://community.taiga.io/",
        "privacyPolicyUrl": null,
        "termsOfServiceUrl": null,
        "maxUploadFileSize": null,
        "contribPlugins": ,
        "gitHubClientId": "",
        "gitLabClientId": "",
        "gitLabUrl": "",
        "tagManager": { "accountId": null },
        "tribeHost": null,
        "enableAsanaImporter": false,
        "enableGithubImporter": false,
        "enableJiraImporter": false,
        "enableTrelloImporter": false,
        "gravatar": false,
        "loginFormType" : "ldap",
        "rtlLanguages": [
            "ar",
            "fa",
            "he"
        ]
    }

This looks fine, "loginFormType": "ldap" is set (which should make it work). What is the server response body you receive together with the 401 response?
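An offline pre-flight check for the two files compared in this thread (the backend config.py and taiga-front's conf.json), as an added example that is not part of any post and not the plugin's own code. The list of expected settings is taken from the configs posted above rather than from the plugin's documentation, `LDAP_START_TLS` is assumed to be the plugin's StartTLS setting, and the sample values are constructed.

```python
import ast
import json

CURLY = "\u201c\u201d\u2018\u2019"  # typographic quotes picked up when copying from a web page
PLUGIN = "taiga_contrib_ldap_auth_ext"
EXPECTED = ("LDAP_SERVER", "LDAP_BIND_DN", "LDAP_BIND_PASSWORD", "LDAP_SEARCH_BASE")

def check_backend(source):
    """Findings for the LDAP part of a Taiga config.py; the file is parsed, never executed."""
    if any(c in source for c in CURLY):
        return ["config.py contains typographic quotes, Python will not parse it"]
    settings, apps = {}, []
    for node in ast.parse(source).body:
        try:
            if isinstance(node, ast.AugAssign) and getattr(node.target, "id", "") == "INSTALLED_APPS":
                apps += ast.literal_eval(node.value)
            elif isinstance(node, ast.Assign) and isinstance(node.targets[0], ast.Name):
                settings[node.targets[0].id] = ast.literal_eval(node.value)
        except ValueError:
            continue  # value is computed (for example read from the environment): skip it
    findings = [f"{name} is not set" for name in EXPECTED if name not in settings]
    if PLUGIN not in apps:
        findings.append(f"{PLUGIN} is not added to INSTALLED_APPS")
    # LDAP_START_TLS is an assumed setting name; confirm it in the plugin's README.
    if str(settings.get("LDAP_SERVER", "")).startswith("ldap://") and not settings.get("LDAP_START_TLS"):
        findings.append("ldap:// without StartTLS sends bind and user passwords in cleartext")
    return findings

def check_frontend(conf_text):
    """Findings for taiga-front's conf.json, the file printed with `cat` in the thread."""
    if any(c in conf_text for c in CURLY):
        return ["conf.json contains typographic quotes, it is not valid JSON"]
    try:
        conf = json.loads(conf_text)
    except json.JSONDecodeError as exc:
        return [f"conf.json is not valid JSON (line {exc.lineno}): {exc.msg}"]
    return [] if conf.get("loginFormType") == "ldap" else ['"loginFormType" is not "ldap"']

# Constructed sample inputs, modelled on the settings posted in this thread.
SAMPLE_CONFIG = """INSTALLED_APPS += ["taiga_contrib_ldap_auth_ext"]
LDAP_SERVER = "ldap://ldap.example.test"
LDAP_BIND_DN = "CN=admin,DC=example,DC=test"
LDAP_BIND_PASSWORD = "placeholder"
LDAP_SEARCH_BASE = "OU=people,DC=example,DC=test"
"""
SAMPLE_CONF = '{"api": "https://taiga.example.test/api/v1/", "loginFormType": "ldap"}'

if __name__ == "__main__":
    print(check_backend(SAMPLE_CONFIG) + check_frontend(SAMPLE_CONF))
```

An empty result from both functions means the static configuration matches what the thread checks for; it does not prove the LDAP bind itself succeeds.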

I have this log and no other information

    taiga-gateway-1 | 172.18.0.1 - - [04/Jun/2025:13:42:52 +0000] "POST /api/v1/auth HTTP/1.1" 401 95 "https://url/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0" "10.32.15.81"

Can you check this in the Browser’s DevTools, i.e., on the client side (using F12 or Ctrl+Shift+I to open them)? There you should see the full response body, which is what I’d need.

That ?