Dolibarr - Active Directory connecting but not fetching users

Hello, everyone!

Summary: I have managed to connect my new Dolibarr installation to Active Directory, but I cannot make it fetch the users. Could you please give me a clue where I should dig?

Details:

Here is my setup:

OS: Windows Server 2019
PHP php-8.1.18-Win32-vs16-x64
MySQL v. 8.0.32
Apache 2.4.57
Dolibarr ver: 16.0.4 & 17.0.1 (tried both - faced the same issue)

I am new to both installing and using the Dolibarr solution. I have chosen the manual installation method according to the guide "Manual installation on Windows - Dolibarr ERP CRM Wiki".

Just after the installation finished, I am trying to set up the Dolibarr-Windows Active Directory integration.

Here are my steps:

  1. Activate php_ldap.dll extension
  2. Create a special read-only account in the AD
  3. Activate ldap module in Dolibarr
  4. Configure the module according to the HOWTO: LDAP + ActiveDirectory instructions (with authentication) for Dolibarr 12 manual

Global parameters tab:

Users and groups synchronization: LDAP → Dolibarr
Contacts’ synchronization: No
Type: Active Directory
Version: Version 3
Primary server: ldap://myserverdnsname
Server port: 389
Server DN:
Use TLS: No
Password hash type: MD5
Administrator DN: CN=msa-Dolibarr-APP,OU=Service accounts
Administrator password: ****

Here I am getting a successful result on clicking the TEST LDAP CONNECTION button:

 TCP connect to LDAP server successful 
 Connect/Authenticate to LDAP server successful
 LDAP server configured for version 3

Users tab:

Users’ DN: Copied-pasted distinguishedname of my OU from AD
List of objectClass: top,user (tried all variants)
Search filter: empty (also tried all variants)

Full name: cn
Name: sn
Login (samba, activedirectory): samaccountname (radiobutton Key In LDAP is on)
Email address: mail

  • all other fields are empty

Here, when I click the TEST LDAP SEARCH button, nothing happens: no results on the page or something.

Meanwhile, the dolibarr.log file content looks like:

2023-04-17 06:21:25 DEBUG 172.17.0.166 Ldap::connect_bind try bindauth for activedirectory on ldap:/myserverdnsname user=CN=msa-Dolibarr-APP,OU=Service accounts,password=**********
2023-04-17 06:21:25 DEBUG 172.17.0.166 Ldap::connect_bind return=2
2023-04-17 06:21:25 DEBUG 172.17.0.166 Ldap::getRecords search=* userDn=OU=Users, useridentifier=samaccountname attributeArray=array(samaccountname,cn,sn,mail) activefilter=1
2023-04-17 06:21:25 DEBUG 172.17.0.166 Ldap::bindauth serverType=activedirectory searchUser=CN=msa-Dolibarr-APP,OU=Service accounts,
2023-04-17 06:21:25 DEBUG 172.17.0.166 — End access to /dolibarr/admin/ldap_users.php

Is there something else I should enable on the php / apache side to make this AD user fetching work?

Many thanks in advance for your replies!