Hi Ryan,
Thanks for that, shortly realised afterwards my mistake.
It seems that my ldap config isn't searching before binding:
Config:
require_once ('extensions/LdapAuthentication.php');
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDebug = 3;
$wgDebugLogGroups["ldap"] = "C:\NewDebug.log" ;
$wgLDAPDomainNames = array(
'localdomain.local'
);
$wgLDAPServerNames = array(
'localdomain.local' => 'DC1.localdomain.local DC2.localdomain.local'
);
$wgLDAPSearchStrings = array(
'localdomain.local' => 'uid=USER-NAME,OU=Users,DC=localdomain,DC=local'
);
$wgLDAPEncryptionType = array(
'localdomain.local' => 'ssl'
);
$wgMinimalPasswordLength = 1;
$wgLDAPProxyAgent = array(
'localdomain.local' =>
'cn=MediaWikiLDAPSearcher,ou=Users,dc=localdomain,dc=local'
);
$wgLDAPProxyAgentPassword = array(
'localdomain.local' => 'MyLDAPSearcherPassword'
);
Debug:
2011-02-01 21:11:11 wikidb: Entering validDomain
2011-02-01 21:11:11 wikidb: User is using a valid domain.
2011-02-01 21:11:11 wikidb: Setting domain as: localdomain.local
2011-02-01 21:11:11 wikidb: Entering getCanonicalName
2011-02-01 21:11:11 wikidb: Username isn't empty.
2011-02-01 21:11:11 wikidb: Munged username: someuser
2011-02-01 21:11:11 wikidb: Entering userExists
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Entering authenticate
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Entering Connect
2011-02-01 21:11:11 wikidb: Using SSL
2011-02-01 21:11:11 wikidb: Using servers:
ldaps://DC1.localdomain.local ldaps://DC2.localdomain.local
2011-02-01 21:11:11 wikidb: Connected successfully
2011-02-01 21:11:11 wikidb: Entering getSearchString
2011-02-01 21:11:11 wikidb: Doing a straight bind
2011-02-01 21:11:11 wikidb: userdn is:
uid=someuser,OU=Users,DC=localdomain,DC=local
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Binding as the user
2011-02-01 21:11:11 wikidb: Failed to bind as
uid=someuser,OU=Users,DC=localdomain,DC=local
2011-02-01 21:11:11 wikidb: Entering allowPasswordChange
2011-02-01 21:11:11 wikidb: Entering modifyUITemplate
On Tue, Feb 1, 2011 at 9:12 PM, Ryan Lane <[email protected]> wrote:
>> $wgLDAPDebug = 3;
>> $wgDebugLogFile = 'C:\LDAPDebug.log';
>> require_once ('extensions/LdapAuthentication.php');
>>
>> $wgAuth = new LdapAuthenticationPlugin();
>> //LDAP Code from "Single Domain Requiring Search Before Binding"
>> Including proxy settings.
>>
>
> Please see:
> http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Options#Debugging_options
>
> I use a specific log group so that the logs will be separated out:
>
> $wgDebugLogGroups["ldap"] = "C:\LDAPDebug.log";
>
> Also, place options after the $wgAuth line, not before it.
>
> - Ryan Lane
>
> _______________________________________________
> MediaWiki-l mailing list
> [email protected]
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
_______________________________________________
MediaWiki-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
