> I think I know what is the problem: I just seen you used 1.6, did you
> tried 1.6.1 ?
I've not tried 1.6.1. We were on 1.1-m1 for a LONG time. I upgraded to
1.6 after a lot of red tape on my end. Seems like the next day, 1.6.1 came
out :-(
> There is another thing user_group is used for : when listing LDAP
> group to find the user, LDAP authenticator get group's members DNs. So
> the user DN is already found during this process and don't need to be
> searched. But there is a bug in 1.6 (and fixed in 1.6.1) that makes
> search of DN by uid to fail.
I'd like to find that reported bug so I can develop a better understanding.
My ultimate goal is to have the ability to specify multiple groups (not
one) to filter for out of LDAP an have users in those automatically created
and NOT fall back to internal XWiki DB authentication. The only reason I
turned off the group filter was because it doesn't support multiple groups
(I'm considering submitting a patch) hoping that I could just allow users
in any LDAP group to participate.
Regards,
Brian.
"Thomas Mortagne"
<thomas.mortagne@
xwiki.com> To
Sent by: "XWiki Users" <users@xwiki.org>
[EMAIL PROTECTED] cc
ki.org
Subject
Re: [xwiki-users] Trouble with
10/28/2008 10:10 LDAP/ActiveDirectory authentication
AM
Please respond to
XWiki Users
<users@xwiki.org>
I think I know what is the problem: I just seen you used 1.6, did you
tried 1.6.1 ?
There is another thing user_group is used for : when listing LDAP
group to find the user, LDAP authenticator get group's members DNs. So
the user DN is already found during this process and don't need to be
searched. But there is a bug in 1.6 (and fixed in 1.6.1) that makes
search of DN by uid to fail.
On Tue, Oct 28, 2008 at 5:03 AM, <[EMAIL PROTECTED]> wrote:
>> user_group is really just a filter and do nothing else, so I don't
>> have any idea how it can have influence on the skin.
>
> I also didn't expect it to have the effect it did.
>
>> Is the user's profile is correctly created and contains rights
> informations ?
>
> I believe so. I can go to the user's page in XWiki and it shows up as I
> expect it.
>
>> Is this append all the time for any user ?
>
> Sadly, I can only test for myself at the moment as I don't have access to
> the other users' passwords.
>
> - - - - - - - - - -
>
> Now here's some more details:
>
> After I commented out the "xwiki.authentication.ldap.user_group", I still
> couldn't log in (well, half way, as I said before). Then I looked deeper
> in teh config and noticed that my search base DN was not what I expected.
> I changed it to include "cn=Users":
>
> xwiki.authentication.ldap.base_DN=cn=Users,dc=XXXX,dc=YYYY
>
> However, even then I couldn't log in. I'm not confident that is the
right
> base_DN to use, but I'm unsure of what else to test.
>
> I also discovered that I had it falling back to XWiki's DB, so the
> problematic could still log in if I created her account manually:
>
> xwiki.authentication.ldap.trylocal=1
>
> However, I'm not sure I like that solution.
>
> Regards,
> Brian.
>
>
> -----------------------------------------
> CONFIDENTIALITY STATEMENT:
> This e-mail transmission contains information that is intended to
> be confidential. It is intended only for the addressee named
> above. If you receive this e-mail in error, please do not read,
> copy, or disseminate it. If you are not the intended recipient,
> any disclosure, copying, distribution or use of the contents of
> this information is prohibited. Please reply to the message
> immediately by informing the sender that the message was
> misdirected. After replying, please erase it from your computer
> system. Your assistance in correcting this error is appreciated.
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Thomas Mortagne
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
