- [Blank White Screen on Access](#blank-white-screen-on-access)
- [No Styles and Large Icons on Access](#no-styles-and-large-icons-on-access)
- [Broken Links or No Images After APP_URL Change](#broken-links-or-no-images-after-app_url-change)
+ - [Failing Database or Auth System Credentials](#failing-database-or-auth-system-credentials)
- [Submitting Issues](#submitting-issues)
### Error Log File
- Check that the `APP_URL` option is set in your `.env` file and ensure it matches the URL you're accessing BookStack on (Including the "https://" or "http://" component).
- Check that you're using the `release` code branch. If you cloned the project without a branch flag, or downloaded the files from GitHub, you may be using the development branch files which does not include some of these required files.
+##### Failing Database or Auth System Credentials
+
+If you've used a password in the `.env` file which you are sure is correct, but authentication fails for that service, it may be due to
+special characters being handled different in the `.env` configuration. Ensure that any such passwords or config options are wrapped in quotes. For example:
+
+```txt
+DB_PASSWORD="hunter#2@"
+```
+
##### Broken Links or No Images After APP_URL Change
BookStack will store absolute URL paths for some content, such as images, in the database.
# LDAP_SERVER=ldaps://example.com:636
# The base DN from where users will be searched within
-LDAP_BASE_DN=ou=People,dc=example,dc=com
+LDAP_BASE_DN="ou=People,dc=example,dc=com"
# The full DN and password of the user used to search the server
-# Can both be left as false to bind anonymously
-LDAP_DN=false
-LDAP_PASS=false
+# Can both be left as 'false' (without quotes) to bind anonymously
+LDAP_DN="cn=serviceaccount,ou=People,dc=example,dc=org"
+LDAP_PASS="my#super#secret#password543"
# A filter to use when searching for users
# The user-provided user-name used to replace any occurrences of '${user}'
BookStack has the ability to sync LDAP user groups with BookStack roles. By default this will match LDAP group names with the BookStack role display names with casing ignored.
This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while LDAP authentication is enabled. This field can be populated with common names (CNs) of accounts *or* groups. If filled, CNs in this field will be used and the role name will be ignored. You can match on multiple CNs by separating them with a comma.
-When matching LDAP groups with role names or 'External Authentication IDs' values, BookStack will standardise the names of ldap groups to be lower-cased and spaces will be replaced with hypens. For example, to match a LDAP group named "United Kingdom" an 'External Authentication IDs' value of "united-kingdom" could be used.
+When matching LDAP groups with role names or 'External Authentication IDs' values, BookStack will standardise the names of ldap groups to be lower-cased and spaces will be replaced with hyphens. For example, to match a LDAP group named "United Kingdom" an 'External Authentication IDs' value of "united-kingdom" could be used.
This feature requires the LDAP server to be able to provide user groups when queried. This is enabled by default on ActiveDirectory via the 'memberOf' attribute but other LDAP systems may need to be configured to enable such functionality. Be aware that the 'memberOf' attribute does not include the user's primary group. If using OpenLDAP you'll need to setup the memberof overlay.
projects / website / commitdiff