Also can all of your user's view your LDAP? Or do you need a login with
admin privileges to do so? If you need admin privileges to view the ldap you
would need to replace:
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
xwiki.authentication.ldap.bind_pass={1}
With:
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
ny,dc=intranet
xwiki.authentication.ldap.bind_pass=***AdminPassword***
Philip Wright
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 2:28 PM
To: XWiki Users
Subject: Re: [xwiki-users] Active Directory 2.
Thank you Philip, but how can I do it? Can you explain me please. The
xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but doesn't work
for me, if in login I write the balazs or beck "user names".
Best Regards,
bzg
2008/7/15 Wright, Philip <[EMAIL PROTECTED]>:
> I would suggest changing the ldap authentication to look at your
> samaccountname's since they appear to not have any spaces, periods or
> special characters which I have noticed break the authentication.
>
>
>
>
> Philip Wright
>
> Reports Analyst
>
> ACS: BPS
> Affiliated Computer Services, Inc
>
>
>
> Affiliated Computer Services, Inc (ACS) Proprietary and Confidential
> Information This document (or any part thereof) may not be
> disseminated outside of ACS in either electronic or physical form
> without specific authorization of the office of the ACS Chief
> Information Security Officer. The information included in this
> document represents no commitment by ACS to any other party. The
> policies and standards described do not consider any country law or
> other directive outside of the United States.
>
> P Please consider the environment before printing this email
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Zoltan Gyula Beck
> Sent: Tuesday, July 15, 2008 8:27 AM
> To: users@xwiki.org
> Subject: [xwiki-users] Active Directory 2.
>
> Hi Members!
>
> I still have problems with xwiki and Active Directory authentication.
> I upgraded to 1.5 RC1, but didn't helped.
>
> This are my users ldif:
> dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
> displayName: Sztar Balazs
> givenName: Sztar
> sAMAccountType: 805306368
> primaryGroupID: 513
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> badPasswordTime: 128606019171875000
> objectCategory:
> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
> cn: Sztar Balazs
> userAccountControl: 66048
> userPrincipalName: [EMAIL PROTECTED]
> codePage: 0
> distinguishedName: CN=Sztar Balazs,OU=COMPANY,DC=company,DC=intranet
> whenChanged: 20080715132556.0Z
> whenCreated: 20080707142421.0Z
> pwdLastSet: 128606019568593750
> logonCount: 0
> accountExpires: 9223372036854775807
> lastLogoff: 0
> objectGUID: ^LB¯¡Úr]G<93>ç.;\zöA
> sn: Balazs
> lastLogon: 128606019762343750
> uSNChanged: 16406
> uSNCreated: 13936
> objectSid: [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL
> PROTECTED]@Ú¤uÊ^?<99><94>[EMAIL PROTECTED]@
> countryCode: 0
> sAMAccountName: balazs
> instanceType: 4
> badPwdCount: 0
> name: Sztar Balazs
>
>
> dn: CN=Zoltán Beck, OU=COMPANY, DC=company,DC=intranet
> displayName: Zoltán Beck
> givenName: Zoltán
> sAMAccountType: 805306368
> primaryGroupID: 513
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> badPasswordTime: 0
> objectCategory:
> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
> cn: Zoltán Beck
> userAccountControl: 66048
> userPrincipalName: [EMAIL PROTECTED]
> codePage: 0
> distinguishedName: CN=Zoltán Beck,OU=COMPANY,DC=company,DC=intranet
> whenChanged: 20080715143431.0Z
> whenCreated: 20080715143431.0Z
> pwdLastSet: 128606060713750000
> logonCount: 0
> accountExpires: 9223372036854775807
> lastLogoff: 0
> objectGUID: Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
> sn: Beck
> lastLogon: 0
> uSNChanged: 16425
> uSNCreated: 16419
> objectSid: [EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL
> PROTECTED]@Ú¤uÊ^?<99><94>[EMAIL PROTECTED]@
> countryCode: 0
> sAMAccountName: beck
> instanceType: 4
> badPwdCount: 0
> name: Zoltán Beck
>
>
> xwiki.cfg:
> xwiki.authentication.ldap=1
> xwiki.authentication.ldap.server=172.16.1.165
> xwiki.authentication.ldap.check_level=1
> xwiki.authentication.ldap.port=389
> xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
> xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
> anet xwiki.authentication.ldap.bind_pass={1}
> xwiki.authentication.ldap.UID_attr=sAMAccountName
> xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
> =sn,fi rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
>
> So actually with Sztar Balazs user I an loging and user the wiki, but
> with Zoltán Beck I got the following error:
> [15/Jul/2008:17:03:27] info (20106): CORE3282: stdout: 2008-07-15
> 17:03:27,844
> [https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
> [service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind
> failed with Exception Invalid Credentials
>
> In the Active Directory Event Viever I can't see anything about this
> failed login attempt!
>
> It is possible to login with sAMAccountName attribute or it will be
> developed in the near future?
>
> Best regards,
> bzg
> --
> Zoltan Gyula Beck
> Tel.: +36-70-328-9306
> E-Mail: [EMAIL PROTECTED]
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: [EMAIL PROTECTED]
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
