I tweaked the test class a bit to conform the settings I have in my "normal" wiki setup:
LDAP search: baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] query=[null] attr=[[objectClass, uid, member, uniquemember]] ldapScope=[0] {name=dn value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore} {name=member value=cn=a12345,ou=associates,ou=users,o=wlgore} {name=member value=cn=a12341,ou=associates,ou=users,o=wlgore} {name=member value=cn=a12342,ou=associates,ou=users,o=wlgore} {name=member value=cn=a12343,ou=partners,ou=non-associates,ou=users,o=wlgore} {name=member value=cn=a12344,ou=associates,ou=users,o=wlgore} {name=objectClass value=groupOfNames} {name=objectClass value=Top} I does now exactly the same LDAP search as printed out and it is still not returning anything. Which methods are called when performing the group-fetch? Maybe I used the wrong ones? Did you have a chance to look into your code? Thanks! Thomas "Thomas Mortagne" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 19.11.2008 14:14 Please respond to XWiki Users <users@xwiki.org> To "XWiki Users" <users@xwiki.org> cc Subject Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups On Wed, Nov 19, 2008 at 1:22 PM, Thomas Zwitanowitsch <[EMAIL PROTECTED]> wrote: > We're using Novell's eDirectory. I thought of the same thing that > lowercase could be a problem. But on the other side the "member" attribute > is all lowercase - only "equivalentToMe" is mixed case. And I just tried > it to only map it to "member" with no change. Right you should get "name" at least. It's weird than you get the "objectClass" attributes and not the "name". I don't have more ideas of what can be the problem yet. Do the LDAP user have right to list LDAP groups ? > > Here are the new logs: > > bstractXWikiMigrationManager - No storage migration required since > current version is [7351] > ldap.XWikiLDAPConfig - ldap_group_classes: [groupofnames, > group, top, dynamicgroupaux, groupofuniquenames, > groupwisedistributionlist, dynamicgroup] > ldap.XWikiLDAPConfig - ldap_group_memberfields: > [equivalenttome, member] > ldap.XWikiLDAPConnection - Connection to LDAP server > [heffalump.wlgore.com:389] > ldap.XWikiLDAPConnection - Binding to LDAP server with credentials > login=[cn=intranet_proxy,ou=proxy-users,ou=system,o=wlgore] > password=[***********] > LDAP.XWikiLDAPAuthServiceImpl - Found user dn with the user object: null > ldap.XWikiLDAPConfig - Ready to create user from LDAP with > fields > last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn > ldap.XWikiLDAPUtils - Searching for the user in LDAP: > user:tzwitano base: query:(uid=tzwitano) uid:uid > ldap.XWikiLDAPConnection - LDAP search: baseDN=[] > query=[(uid=tzwitano)] attr=[[sn, givenName, fullName, mail, dn]] > ldapScope=[2] > ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn > value=cn=a12345,ou=associates,ou=users,o=wlgore}, {name=sn > value=Zwitanowitsch}, {name=mail [EMAIL PROTECTED], > {name=givenName value=Thomas}, {name=fullName value=Thomas Zwitanowitsch > }] > LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes will be used to update > XWiki attributes. > LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with LDAP > attribues located at cn=a12345,ou=associates,ou=users,o=wlgore > ldap.XWikiLDAPConfig - Ready to create user from LDAP with > fields > last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn > ldap.XWikiLDAPConfig - Groupmapping found: > XWiki.XWikiAdminGroup > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConfig - Groupmapping found: XWiki.MSOEGroup > cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConfig - Groupmapping found: > XWiki.MedicalFabricsAdmGroup > cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConfig - Groupmapping found: > XWiki.MedicalFabricsGroup > cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > LDAP.XWikiLDAPAuthServiceImpl - Updating group membership for the user: > tzwitano > LDAP.XWikiLDAPAuthServiceImpl - The user belongs to following XWiki > groups: > LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup > LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki groups: > LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup > LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsAdmGroup > LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsGroup > LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin > LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser > LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAdminGroup > LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup > ldap.XWikiLDAPUtils - Retrieving Members of the group: > cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConnection - LDAP search: > baseDN=[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > query=[null] attr=[[objectClass, uid, equivalenttome, member]] > ldapScope=[0] > ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn > value=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}, > {name=objectClass value=groupOfNames}, {name=objectClass value=Top}] > ldap.XWikiLDAPUtils - Found group > [cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > members :{} > ldap.XWikiLDAPUtils - Retrieving Members of the group: > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConnection - LDAP search: > baseDN=[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > query=[null] attr=[[objectClass, uid, equivalenttome, member]] > ldapScope=[0] > ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn > value=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}, > {name=objectClass value=groupOfNames}, {name=objectClass value=Top}] > ldap.XWikiLDAPUtils - Found group > [cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > members :{} > ldap.XWikiLDAPUtils - Retrieving Members of the group: > cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConnection - LDAP search: > baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > query=[null] attr=[[objectClass, uid, equivalenttome, member]] > ldapScope=[0] > ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn > value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}, > {name=objectClass value=groupOfNames}, {name=objectClass value=Top}] > ldap.XWikiLDAPUtils - Found group > [cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > members :{} > ldap.XWikiLDAPUtils - Retrieving Members of the group: > cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore > ldap.XWikiLDAPConnection - LDAP search: > baseDN=[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > query=[null] attr=[[objectClass, uid, equivalenttome, member]] > ldapScope=[0] > ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn > value=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}, > {name=objectClass value=groupOfNames}, {name=objectClass value=Top}] > ldap.XWikiLDAPUtils - Found group > [cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] > members :{} > > > > > "Thomas Mortagne" <[EMAIL PROTECTED]> > Sent by: [EMAIL PROTECTED] > 19.11.2008 13:11 > Please respond to > XWiki Users <users@xwiki.org> > > > To > "XWiki Users" <users@xwiki.org> > cc > > Subject > Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups > > > > > > > By the way Maybe your already said it but which LDAP server are you > using ? The attributes are lower cased by XWiki to not depends on the > case of attributes when manipulating them. It's generaly not a problem > for LDAP but maybe there a problem with the server your are using... > > On Wed, Nov 19, 2008 at 1:07 PM, Thomas Mortagne > <[EMAIL PROTECTED]> wrote: >> On Wed, Nov 19, 2008 at 12:08 PM, Thomas Zwitanowitsch >> <[EMAIL PROTECTED]> wrote: >>> Looks like it doesn't see the other attributes... >>> >>> ldap.XWikiLDAPUtils - Found group >>> > [cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>> members :{} >>> ldap.XWikiLDAPUtils - Retrieving Members of the group: >>> > cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>> ldap.XWikiLDAPConnection - LDAP search: >>> > baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>> query=[null] attr=[[Ljava.lang.String;@178f36a] ldapScope=[0] >>> ldap.XWikiLDAPConnection - LDAP search found attributes: > [{name=dn >>> > value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}, >>> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}] >>> >>> Do you need the other lines as well? >> >> I just improved the log to see exactly what attributes names are used >> in the search (in place of [[Ljava.lang.String;@178f36a]), you try the >> last core jar at same URL. >> >>> >>> Thomas >>> >>> >>> >>> >>> "Thomas Mortagne" <[EMAIL PROTECTED]> >>> Sent by: [EMAIL PROTECTED] >>> 19.11.2008 11:34 >>> Please respond to >>> XWiki Users <users@xwiki.org> >>> >>> >>> To >>> "XWiki Users" <users@xwiki.org> >>> cc >>> >>> Subject >>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups >>> >>> >>> >>> >>> >>> >>> On Wed, Nov 19, 2008 at 10:51 AM, Thomas Zwitanowitsch >>> <[EMAIL PROTECTED]> wrote: >>>> Yes, I am sure. This is what is configured: >>>> >>>> >>> > xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top >>>> I also tried this configuration >>>> xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames >>>> xwiki.authentication.ldap.group_memberfields=member,equivalentToMe >>>> >>>> and this again, is the group in LDAP >>>> >>>> dn: >>>> > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>> DirXML-Associations: >>>> >>> > cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F} >>>> equivalentToMe: cn=a22094,ou=associates,ou=users,o=wlgore >>>> objectClass: groupOfNames >>>> objectClass: Top >>>> member: cn=a22094,ou=associates,ou=users,o=wlgore >>>> description: XWiki Admin Group >>>> cn: Admin >>>> >>>> Not sure if I understand your last mail in regards to you adding some >>> more >>>> logs. >>> >>> Can you download and try last snapshot core 1.6 jar at >>> > http://maven.xwiki.org/snapshots/com/xpn/xwiki/platform/xwiki-core/1.6-SNAPSHOT/ > >>> . >>> You should get more informations on what append, this will help us to >>> see what is the problem. >>> >>>> >>>> Thanks >>>> Thomas >>>> >>>> >>>> >>>> >>>> "Thomas Mortagne" <[EMAIL PROTECTED]> >>>> Sent by: [EMAIL PROTECTED] >>>> 19.11.2008 10:43 >>>> Please respond to >>>> XWiki Users <users@xwiki.org> >>>> >>>> >>>> To >>>> "XWiki Users" <users@xwiki.org> >>>> cc >>>> >>>> Subject >>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups >>>> >>>> >>>> >>>> >>>> >>>> >>>> In the meantime, are you sure that group_classes and >>>> group_memberfields has the right values for your LDAP schema ? >>>> >>>> On Wed, Nov 19, 2008 at 10:42 AM, Thomas Mortagne >>>> <[EMAIL PROTECTED]> wrote: >>>>> On Wed, Nov 19, 2008 at 8:44 AM, Thomas Zwitanowitsch >>>>> <[EMAIL PROTECTED]> wrote: >>>>>> Hi Thomas, >>>>>> >>>>>> Yes, there is an entry on this, but it looks like it doesn't find >>>>>> anything. >>>>>> >>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group: >>>>>> >>> cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>> ldap.XWikiLDAPUtils - Found group >>>>>> >>>> >>> > [cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>> members :{} >>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group: >>>>>> >>>> > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>> ldap.XWikiLDAPUtils - Found group >>>>>> >>>> >>> > [cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>> members :{} >>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group: >>>>>> >>>> >>> > cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>> ldap.XWikiLDAPUtils - Found group >>>>>> >>>> >>> > [cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>> members :{} >>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group: >>>>>> >>>> >>> > cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>> ldap.XWikiLDAPUtils - Found group >>>>>> >>>> >>> > [cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>> members :{} >>>>>> >>>>>> >>>>>> The Admin-group in LDAP looks like this: >>>>>> >>>>>> dn: >>>>>> >>>> > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>> DirXML-Associations: >>>>>> >>>> >>> > cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F} >>>>>> equivalentToMe: cn=a12345,ou=associates,ou=users,o=wlgore >>>>>> objectClass: groupOfNames >>>>>> objectClass: Top >>>>>> member: cn=a12345,ou=associates,ou=users,o=wlgore >>>>>> description: XWiki Admin Group >>>>>> cn: Admin >>>>>> >>>>>> So I see no reason for it not finding the members. In regards to the >>>> group >>>>>> cache, I already set it to 60s just to make sure it's being > refreshed >>> - >>>>>> with no effect. >>>>> >>>>> Ok them let me add some more log for your particular case and commit >>>>> for you to try to find why it can't find any LDAP group's member.. >>>>> >>>>>> >>>>>> Thanks! >>>>>> Thomas >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> "Thomas Mortagne" <[EMAIL PROTECTED]> >>>>>> Sent by: [EMAIL PROTECTED] >>>>>> 18.11.2008 18:26 >>>>>> Please respond to >>>>>> XWiki Users <users@xwiki.org> >>>>>> >>>>>> >>>>>> To >>>>>> "XWiki Users" <users@xwiki.org> >>>>>> cc >>>>>> >>>>>> Subject >>>>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Hi, >>>>>> >>>>>> On Tue, Nov 18, 2008 at 5:39 PM, Thomas Zwitanowitsch >>>>>> <[EMAIL PROTECTED]> wrote: >>>>>>> Hi, >>>>>>> >>>>>>> I've updated from 1.5.2 to 1.6.1. After this, I found all groups >>>> beeing >>>>>>> empty - so no users were there anymore. >>>>>>> >>>>>>> As result I started mapping LDAP groups to XWiki groups to let > XWiki >>>>>>> populate the memberships again - I was planning this anyway. >>>>>>> >>>>>>> For some reason XWiki is not able to get the groups members and I >>>> cannot >>>>>>> understand why. Also it is not putting my user in the > XWiki.AllGroup >>> - >>>>>>> still my groups do not have any member. >>>>>>> >>>>>> >>>>>> Can you see "Retrieving Members of the group..." anywhere in the > whole >>>> log >>>>>> ? >>>>>> >>>>>> In your log I only see "Found group" which should means the group >>>>>> cache already contains the group members. >>>>>> >>>>>>> This are the logs: >>>>>>> >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with >>>> LDAP >>>>>>> attribues located at cn=a12345,ou=associates,ou=users,o=wlgore >>>>>>> DEBUG ldap.XWikiLDAPConfig - Ready to create user from >>> LDAP >>>>>>> with fields >>>>>>> >>>>>> >>>> >>> > last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn >>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found: >>>>>>> XWiki.XWikiAdminGroup >>>>>>> >>>> > cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found: >>>>>>> XWiki.MSOEGroup >>>>>>> >>>> > cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found: >>>>>>> XWiki.MedicalFabricsAdmGroup >>>>>>> >>>>>> >>>> >>> > cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found: >>>>>>> XWiki.MedicalFabricsGroup >>>>>>> >>>>>> >>>> >>> > cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating group membership > for >>>>>> the >>>>>>> user: tzwitano >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - The user belongs to > following >>>>>>> XWiki groups: >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki groups: >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - > XWiki.MedicalFabricsAdmGroup >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsGroup >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAdminGroup >>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup >>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group >>>>>>> >>>>>> >>>> >>> > [cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>>> members :{} >>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group >>>>>>> >>>>>> >>>> >>> > [cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>>> members :{} >>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group >>>>>>> >>>>>> >>>> >>> > [cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>>> members :{} >>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group >>>>>>> >>>>>> >>>> >>> > [cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore] >>>>>>> members :{} >>>>>>> >>>>>>> This is my config: >>>>>>> >>>>>>> #-# new LDAP authentication service >>>>>>> >>>>>> >>>> >>> > xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl >>>>>>> >>>>>>> #-# Turn LDAP authentication on - otherwise only XWiki > authentication >>>>>>> #-# 0: disable >>>>>>> #-# 1: enable >>>>>>> xwiki.authentication.ldap=1 >>>>>>> >>>>>>> #-# Force to check password after LDAP connection >>>>>>> #-# 0: disable >>>>>>> #-# 1: enable >>>>>>> xwiki.authentication.ldap.validate_password=0 >>>>>>> >>>>>>> #-# only members of the following group will be verified in the > LDAP >>>>>>> # otherwise only users that are found after searching starting from >>>> the >>>>>>> base_DN >>>>>>> #xwiki.authentication.ldap.user_group=o=wlgore >>>>>>> >>>>>>> #-# base DN for searches >>>>>>> #xwiki.authentication.ldap.base_DN=o=wlgore >>>>>>> >>>>>>> #-# Specifies the LDAP attribute containing the identifier to be > used >>>> as >>>>>>> the XWiki name (default=cn) >>>>>>> xwiki.authentication.ldap.UID_attr=uid >>>>>>> >>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] >>>>>>> #-# Specifies the LDAP attribute containing the password to be used >>>>>> "when >>>>>>> xwiki.authentication.ldap.validate_password" is set to 1 >>>>>>> # xwiki.authentication.ldap.password_field=userPassword >>>>>>> >>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] >>>>>>> #-# The potential LDAP groups classes. Separated by commas. >>>>>>> >>>>>> >>>> >>> > xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top >>>>>>> >>> #xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames >>>>>>> >>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] >>>>>>> #-# The potential names of the LDAP groups fields containings the >>>>>> members. >>>>>>> Separated by commas. >>>>>>> xwiki.authentication.ldap.group_memberfields=member,equivalentToMe >>>>>>> >>>>>>> #-# retrieve the following fields from LDAP and store them in the >>>> XWiki >>>>>>> user object (xwiki-attribute=ldap-attribute) >>>>>>> #-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user > object >>>>>> for >>>>>>> faster access >>>>>>> >>>>>> >>>> >>> > xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn >>>>>>> >>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>>>>>> #-# on every login update the mapped attributes from LDAP to XWiki >>>>>>> otherwise this happens only once when the XWiki account is created. >>>>>>> xwiki.authentication.ldap.update_user=1 >>>>>>> >>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>>>>>> #-# mapps XWiki groups to LDAP groups, separator is "|" >>>>>>> >>>>>> >>>> >>> > xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\ >>>>>>> >>>>>> >>>> >>> > XWiki.MSOEGroup=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\ >>>>>>> >>>>>> >>>> >>> > XWiki.MedicalFabricsAdmGroup=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\ >>>>>>> >>>>>> >>>> >>> > XWiki.MedicalFabricsGroup=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore >>>>>>> >>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>>>>>> #-# time in s after which the list of members in a group is > refreshed >>>>>> from >>>>>>> LDAP (default=3600*6) >>>>>>> xwiki.authentication.ldap.groupcache_expiration=60 >>>>>>> >>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>>>>>> #-# - create : synchronize group membership only when the user is >>>> first >>>>>>> created >>>>>>> #-# - always: synchronize on every login >>>>>>> xwiki.authentication.ldap.mode_group_sync=always >>>>>>> >>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>>>>>> #-# if ldap authentication fails for any reason, try XWiki DB >>>>>>> authentication with the same credentials >>>>>>> xwiki.authentication.ldap.trylocal=1 >>>>>>> >>>>>>> Thanks! >>>>>>> Thomas >>>>>>> _______________________________________________ >>>>>>> users mailing list >>>>>>> users@xwiki.org >>>>>>> http://lists.xwiki.org/mailman/listinfo/users >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thomas Mortagne >>>>>> _______________________________________________ >>>>>> users mailing list >>>>>> users@xwiki.org >>>>>> http://lists.xwiki.org/mailman/listinfo/users >>>>>> >>>>>> _______________________________________________ >>>>>> users mailing list >>>>>> users@xwiki.org >>>>>> http://lists.xwiki.org/mailman/listinfo/users >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Thomas Mortagne >>>>> >>>> >>>> >>>> >>>> -- >>>> Thomas Mortagne >>>> _______________________________________________ >>>> users mailing list >>>> users@xwiki.org >>>> http://lists.xwiki.org/mailman/listinfo/users >>>> >>>> _______________________________________________ >>>> users mailing list >>>> users@xwiki.org >>>> http://lists.xwiki.org/mailman/listinfo/users >>>> >>> >>> >>> >>> -- >>> Thomas Mortagne >>> _______________________________________________ >>> users mailing list >>> users@xwiki.org >>> http://lists.xwiki.org/mailman/listinfo/users >>> >>> _______________________________________________ >>> users mailing list >>> users@xwiki.org >>> http://lists.xwiki.org/mailman/listinfo/users >>> >> >> >> >> -- >> Thomas Mortagne >> > > > > -- > Thomas Mortagne > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > -- Thomas Mortagne _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users