I would suggest changing the ldap authentication to look at your samaccountname's since they appear to not have any spaces, periods or special characters which I have noticed break the authentication.
Philip Wright Reports Analyst ACS: BPS Affiliated Computer Services, Inc Affiliated Computer Services, Inc (ACS) Proprietary and Confidential Information This document (or any part thereof) may not be disseminated outside of ACS in either electronic or physical form without specific authorization of the office of the ACS Chief Information Security Officer. The information included in this document represents no commitment by ACS to any other party. The policies and standards described do not consider any country law or other directive outside of the United States. P Please consider the environment before printing this email -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Zoltan Gyula Beck Sent: Tuesday, July 15, 2008 8:27 AM To: users@xwiki.org Subject: [xwiki-users] Active Directory 2. Hi Members! I still have problems with xwiki and Active Directory authentication. I upgraded to 1.5 RC1, but didn't helped. This are my users ldif: dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet displayName: Sztar Balazs givenName: Sztar sAMAccountType: 805306368 primaryGroupID: 513 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user badPasswordTime: 128606019171875000 objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet cn: Sztar Balazs userAccountControl: 66048 userPrincipalName: [EMAIL PROTECTED] codePage: 0 distinguishedName: CN=Sztar Balazs,OU=COMPANY,DC=company,DC=intranet whenChanged: 20080715132556.0Z whenCreated: 20080707142421.0Z pwdLastSet: 128606019568593750 logonCount: 0 accountExpires: 9223372036854775807 lastLogoff: 0 objectGUID: ^LB¯¡Úr]G<93>ç.;\zöA sn: Balazs lastLogon: 128606019762343750 uSNChanged: 16406 uSNCreated: 13936 objectSid: [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@Ú¤uÊ^?<99><94>[EMAIL PROTECTED]@ countryCode: 0 sAMAccountName: balazs instanceType: 4 badPwdCount: 0 name: Sztar Balazs dn: CN=Zoltán Beck, OU=COMPANY, DC=company,DC=intranet displayName: Zoltán Beck givenName: Zoltán sAMAccountType: 805306368 primaryGroupID: 513 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user badPasswordTime: 0 objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet cn: Zoltán Beck userAccountControl: 66048 userPrincipalName: [EMAIL PROTECTED] codePage: 0 distinguishedName: CN=Zoltán Beck,OU=COMPANY,DC=company,DC=intranet whenChanged: 20080715143431.0Z whenCreated: 20080715143431.0Z pwdLastSet: 128606060713750000 logonCount: 0 accountExpires: 9223372036854775807 lastLogoff: 0 objectGUID: Ì~õÜPuýC<93><8f>)¾¨<8b>^Wà sn: Beck lastLogon: 0 uSNChanged: 16425 uSNCreated: 16419 objectSid: [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@Ú¤uÊ^?<99><94>[EMAIL PROTECTED]@ countryCode: 0 sAMAccountName: beck instanceType: 4 badPwdCount: 0 name: Zoltán Beck xwiki.cfg: xwiki.authentication.ldap=1 xwiki.authentication.ldap.server=172.16.1.165 xwiki.authentication.ldap.check_level=1 xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.base_DN=dc=company,dc=intranet xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet xwiki.authentication.ldap.bind_pass={1} xwiki.authentication.ldap.UID_attr=sAMAccountName xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,fi rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn So actually with Sztar Balazs user I an loging and user the wiki, but with Zoltán Beck I got the following error: [15/Jul/2008:17:03:27] info (20106): CORE3282: stdout: 2008-07-15 17:03:27,844 [https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin] [service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with Exception Invalid Credentials In the Active Directory Event Viever I can't see anything about this failed login attempt! It is possible to login with sAMAccountName attribute or it will be developed in the near future? Best regards, bzg -- Zoltan Gyula Beck Tel.: +36-70-328-9306 E-Mail: [EMAIL PROTECTED] _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
