[stork-users] Stork Server LDAP hook loading but Bad Request 400

Peters Vincent Vincent.Peters at chur.ch
Wed Dec 17 07:43:03 UTC 2025 

Hi Ben

I solved the Problem by modifying the .env file. Now it looks like this

STORK_AUTH_METHOD=ldap
STORK_SERVER_HOOKS=ldap

STORK_SERVER_HOOK_LDAP_DEBUG=true
STORK_SERVER_HOOK_LDAP_URL=ldap://domainxx01.net.net:389
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_ID=sAMAccountName
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP=group
STORK_SERVER_HOOK_LDAP_BIND_USERDN=CN=ServiceAccountStork,OU=stork,OU=application,OU=accounts,DC=net,DC=net
STORK_SERVER_HOOK_LDAP_BIND_PASSWORD=Passwd
STORK_SERVER_HOOK_LDAP_ROOT=DC=net,DC=net
STORK_SERVER_HOOK_LDAP_MAP_GROUPS=true
STORK_SERVER_HOOK_LDAP_GROUP_ADMIN=stork-admin
STORK_SERVER_HOOK_LDAP_GROUP_SUPER_ADMIN=stork-admin

The Problem was thatSTORK_SERVER_HOOKS=ldap was missing and the STORK_SERVER_HOOK_LDAP_GROUP_ALLOW=stork-admin needed to be removed

Thanks
Greetings
_________________________________________  
Vincent Peters
Stadt Chur
  
Informatik / Security & Communications


-----Ursprüngliche Nachricht-----
Von: Stork-users <stork-users-bounces at lists.isc.org> Im Auftrag von Ben Scott
Gesendet: Mittwoch, 17. Dezember 2025 00:30
An: stork-users at lists.isc.org
Betreff: Re: [stork-users] Stork Server LDAP hook loading but Bad Request 400

On 12/16/25 11:41, Peters Vincent wrote:
> We are having a Problem with the LDAP in Stork. We configured it like 
> on the Manual but we get all the time a bad request 400

   As you are discovering, LDAP integration problems are difficult to diagnose.  There are many steps in the LDAP authentication process (and thus many log lines).  The problem is not always obvious, nor near the end.  Your logs are incomplete (missing the start of the transaction) so that makes it very hard to say.  You may also need to check the logs on your domain controllers, and/or, adjust Group Policy to reveal the needed details.

   I can offer up some log samples from lab testing I was doing earlier this year.  Perhaps by comparing known scenarios against your complete log, you can find one which matches.  You can also look at the success sample, and compare the same way.

	https://users.isc.org/~bscott/stork_ldap_logs/

   Hope this helps.

   -- Ben

--
Any opinions expressed in this message are those of the author alone.
All information is provided without warranty of any kind.

--
Stork-users mailing list
Stork-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/stork-users

More information about the Stork-users mailing list