I tweaked the test class a bit to conform the settings I have in my
"normal" wiki setup:
LDAP search:
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid, member, uniquemember]] ldapScope=[0]
{name=dn
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}
{name=member value=cn=a12345,ou=associates,ou=users,o=wlgore}
{name=member value=cn=a12341,ou=associates,ou=users,o=wlgore}
{name=member value=cn=a12342,ou=associates,ou=users,o=wlgore}
{name=member
value=cn=a12343,ou=partners,ou=non-associates,ou=users,o=wlgore}
{name=member value=cn=a12344,ou=associates,ou=users,o=wlgore}
{name=objectClass value=groupOfNames}
{name=objectClass value=Top}
I does now exactly the same LDAP search as printed out and it is still not
returning anything. Which methods are called when performing the
group-fetch? Maybe I used the wrong ones?
Did you have a chance to look into your code?
Thanks!
Thomas
"Thomas Mortagne" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
19.11.2008 14:14
Please respond to
XWiki Users <users@xwiki.org>
To
"XWiki Users" <users@xwiki.org>
cc
Subject
Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
On Wed, Nov 19, 2008 at 1:22 PM, Thomas Zwitanowitsch
<[EMAIL PROTECTED]> wrote:
> We're using Novell's eDirectory. I thought of the same thing that
> lowercase could be a problem. But on the other side the "member"
attribute
> is all lowercase - only "equivalentToMe" is mixed case. And I just tried
> it to only map it to "member" with no change.
Right you should get "name" at least. It's weird than you get the
"objectClass" attributes and not the "name".
I don't have more ideas of what can be the problem yet. Do the LDAP
user have right to list LDAP groups ?
>
> Here are the new logs:
>
> bstractXWikiMigrationManager - No storage migration required since
> current version is [7351]
> ldap.XWikiLDAPConfig - ldap_group_classes: [groupofnames,
> group, top, dynamicgroupaux, groupofuniquenames,
> groupwisedistributionlist, dynamicgroup]
> ldap.XWikiLDAPConfig - ldap_group_memberfields:
> [equivalenttome, member]
> ldap.XWikiLDAPConnection - Connection to LDAP server
> [heffalump.wlgore.com:389]
> ldap.XWikiLDAPConnection - Binding to LDAP server with
credentials
> login=[cn=intranet_proxy,ou=proxy-users,ou=system,o=wlgore]
> password=[***********]
> LDAP.XWikiLDAPAuthServiceImpl - Found user dn with the user object:
null
> ldap.XWikiLDAPConfig - Ready to create user from LDAP with
> fields
>
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
> ldap.XWikiLDAPUtils - Searching for the user in LDAP:
> user:tzwitano base: query:(uid=tzwitano) uid:uid
> ldap.XWikiLDAPConnection - LDAP search: baseDN=[]
> query=[(uid=tzwitano)] attr=[[sn, givenName, fullName, mail, dn]]
> ldapScope=[2]
> ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
> value=cn=a12345,ou=associates,ou=users,o=wlgore}, {name=sn
> value=Zwitanowitsch}, {name=mail [EMAIL PROTECTED],
> {name=givenName value=Thomas}, {name=fullName value=Thomas Zwitanowitsch
> }]
> LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes will be used to update
> XWiki attributes.
> LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with LDAP
> attribues located at cn=a12345,ou=associates,ou=users,o=wlgore
> ldap.XWikiLDAPConfig - Ready to create user from LDAP with
> fields
>
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
> ldap.XWikiLDAPConfig - Groupmapping found:
> XWiki.XWikiAdminGroup
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConfig - Groupmapping found: XWiki.MSOEGroup
> cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConfig - Groupmapping found:
> XWiki.MedicalFabricsAdmGroup
>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConfig - Groupmapping found:
> XWiki.MedicalFabricsGroup
>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> LDAP.XWikiLDAPAuthServiceImpl - Updating group membership for the
user:
> tzwitano
> LDAP.XWikiLDAPAuthServiceImpl - The user belongs to following XWiki
> groups:
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
> LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki groups:
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsAdmGroup
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsGroup
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAdminGroup
> LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
> cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
>
baseDN=[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> query=[null] attr=[[objectClass, uid, equivalenttome, member]]
> ldapScope=[0]
> ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
>
value=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
>
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
>
baseDN=[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> query=[null] attr=[[objectClass, uid, equivalenttome, member]]
> ldapScope=[0]
> ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
>
value=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
>
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> query=[null] attr=[[objectClass, uid, equivalenttome, member]]
> ldapScope=[0]
> ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
>
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
>
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
>
baseDN=[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> query=[null] attr=[[objectClass, uid, equivalenttome, member]]
> ldapScope=[0]
> ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
>
value=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
>
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
>
>
>
>
> "Thomas Mortagne" <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 19.11.2008 13:11
> Please respond to
> XWiki Users <users@xwiki.org>
>
>
> To
> "XWiki Users" <users@xwiki.org>
> cc
>
> Subject
> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>
>
>
>
>
>
> By the way Maybe your already said it but which LDAP server are you
> using ? The attributes are lower cased by XWiki to not depends on the
> case of attributes when manipulating them. It's generaly not a problem
> for LDAP but maybe there a problem with the server your are using...
>
> On Wed, Nov 19, 2008 at 1:07 PM, Thomas Mortagne
> <[EMAIL PROTECTED]> wrote:
>> On Wed, Nov 19, 2008 at 12:08 PM, Thomas Zwitanowitsch
>> <[EMAIL PROTECTED]> wrote:
>>> Looks like it doesn't see the other attributes...
>>>
>>> ldap.XWikiLDAPUtils - Found group
>>>
>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>> members :{}
>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>>
>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>> ldap.XWikiLDAPConnection - LDAP search:
>>>
>
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>> query=[null] attr=[[Ljava.lang.String;@178f36a] ldapScope=[0]
>>> ldap.XWikiLDAPConnection - LDAP search found attributes:
> [{name=dn
>>>
>
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
>>> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
>>>
>>> Do you need the other lines as well?
>>
>> I just improved the log to see exactly what attributes names are used
>> in the search (in place of [[Ljava.lang.String;@178f36a]), you try the
>> last core jar at same URL.
>>
>>>
>>> Thomas
>>>
>>>
>>>
>>>
>>> "Thomas Mortagne" <[EMAIL PROTECTED]>
>>> Sent by: [EMAIL PROTECTED]
>>> 19.11.2008 11:34
>>> Please respond to
>>> XWiki Users <users@xwiki.org>
>>>
>>>
>>> To
>>> "XWiki Users" <users@xwiki.org>
>>> cc
>>>
>>> Subject
>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Wed, Nov 19, 2008 at 10:51 AM, Thomas Zwitanowitsch
>>> <[EMAIL PROTECTED]> wrote:
>>>> Yes, I am sure. This is what is configured:
>>>>
>>>>
>>>
>
xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top
>>>> I also tried this configuration
>>>> xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames
>>>> xwiki.authentication.ldap.group_memberfields=member,equivalentToMe
>>>>
>>>> and this again, is the group in LDAP
>>>>
>>>> dn:
>>>>
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>> DirXML-Associations:
>>>>
>>>
>
cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F}
>>>> equivalentToMe: cn=a22094,ou=associates,ou=users,o=wlgore
>>>> objectClass: groupOfNames
>>>> objectClass: Top
>>>> member: cn=a22094,ou=associates,ou=users,o=wlgore
>>>> description: XWiki Admin Group
>>>> cn: Admin
>>>>
>>>> Not sure if I understand your last mail in regards to you adding some
>>> more
>>>> logs.
>>>
>>> Can you download and try last snapshot core 1.6 jar at
>>>
>
http://maven.xwiki.org/snapshots/com/xpn/xwiki/platform/xwiki-core/1.6-SNAPSHOT/
>
>>> .
>>> You should get more informations on what append, this will help us to
>>> see what is the problem.
>>>
>>>>
>>>> Thanks
>>>> Thomas
>>>>
>>>>
>>>>
>>>>
>>>> "Thomas Mortagne" <[EMAIL PROTECTED]>
>>>> Sent by: [EMAIL PROTECTED]
>>>> 19.11.2008 10:43
>>>> Please respond to
>>>> XWiki Users <users@xwiki.org>
>>>>
>>>>
>>>> To
>>>> "XWiki Users" <users@xwiki.org>
>>>> cc
>>>>
>>>> Subject
>>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> In the meantime, are you sure that group_classes and
>>>> group_memberfields has the right values for your LDAP schema ?
>>>>
>>>> On Wed, Nov 19, 2008 at 10:42 AM, Thomas Mortagne
>>>> <[EMAIL PROTECTED]> wrote:
>>>>> On Wed, Nov 19, 2008 at 8:44 AM, Thomas Zwitanowitsch
>>>>> <[EMAIL PROTECTED]> wrote:
>>>>>> Hi Thomas,
>>>>>>
>>>>>> Yes, there is an entry on this, but it looks like it doesn't find
>>>>>> anything.
>>>>>>
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>>>>>
>>>
cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>
>>>
>
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>>>>>
>>>>
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>
>>>
>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>>>>>
>>>>
>>>
>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>
>>>
>
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>>>>>
>>>>
>>>
>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>
>>>
>
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>>
>>>>>>
>>>>>> The Admin-group in LDAP looks like this:
>>>>>>
>>>>>> dn:
>>>>>>
>>>>
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> DirXML-Associations:
>>>>>>
>>>>
>>>
>
cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F}
>>>>>> equivalentToMe: cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>> objectClass: groupOfNames
>>>>>> objectClass: Top
>>>>>> member: cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>> description: XWiki Admin Group
>>>>>> cn: Admin
>>>>>>
>>>>>> So I see no reason for it not finding the members. In regards to
the
>>>> group
>>>>>> cache, I already set it to 60s just to make sure it's being
> refreshed
>>> -
>>>>>> with no effect.
>>>>>
>>>>> Ok them let me add some more log for your particular case and commit
>>>>> for you to try to find why it can't find any LDAP group's member..
>>>>>
>>>>>>
>>>>>> Thanks!
>>>>>> Thomas
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Thomas Mortagne" <[EMAIL PROTECTED]>
>>>>>> Sent by: [EMAIL PROTECTED]
>>>>>> 18.11.2008 18:26
>>>>>> Please respond to
>>>>>> XWiki Users <users@xwiki.org>
>>>>>>
>>>>>>
>>>>>> To
>>>>>> "XWiki Users" <users@xwiki.org>
>>>>>> cc
>>>>>>
>>>>>> Subject
>>>>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> On Tue, Nov 18, 2008 at 5:39 PM, Thomas Zwitanowitsch
>>>>>> <[EMAIL PROTECTED]> wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> I've updated from 1.5.2 to 1.6.1. After this, I found all groups
>>>> beeing
>>>>>>> empty - so no users were there anymore.
>>>>>>>
>>>>>>> As result I started mapping LDAP groups to XWiki groups to let
> XWiki
>>>>>>> populate the memberships again - I was planning this anyway.
>>>>>>>
>>>>>>> For some reason XWiki is not able to get the groups members and I
>>>> cannot
>>>>>>> understand why. Also it is not putting my user in the
> XWiki.AllGroup
>>> -
>>>>>>> still my groups do not have any member.
>>>>>>>
>>>>>>
>>>>>> Can you see "Retrieving Members of the group..." anywhere in the
> whole
>>>> log
>>>>>> ?
>>>>>>
>>>>>> In your log I only see "Found group" which should means the group
>>>>>> cache already contains the group members.
>>>>>>
>>>>>>> This are the logs:
>>>>>>>
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating existing user
with
>>>> LDAP
>>>>>>> attribues located at cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Ready to create user from
>>> LDAP
>>>>>>> with fields
>>>>>>>
>>>>>>
>>>>
>>>
>
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.XWikiAdminGroup
>>>>>>>
>>>>
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MSOEGroup
>>>>>>>
>>>>
> cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MedicalFabricsAdmGroup
>>>>>>>
>>>>>>
>>>>
>>>
>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MedicalFabricsGroup
>>>>>>>
>>>>>>
>>>>
>>>
>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating group membership
> for
>>>>>> the
>>>>>>> user: tzwitano
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - The user belongs to
> following
>>>>>>> XWiki groups:
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki groups:
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl -
> XWiki.MedicalFabricsAdmGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAdminGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>>
>>>>>>
>>>>
>>>
>
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>>
>>>>>>
>>>>
>>>
>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>>
>>>>>>
>>>>
>>>
>
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>>
>>>>>>
>>>>
>>>
>
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>>
>>>>>>> This is my config:
>>>>>>>
>>>>>>> #-# new LDAP authentication service
>>>>>>>
>>>>>>
>>>>
>>>
>
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
>>>>>>>
>>>>>>> #-# Turn LDAP authentication on - otherwise only XWiki
> authentication
>>>>>>> #-# 0: disable
>>>>>>> #-# 1: enable
>>>>>>> xwiki.authentication.ldap=1
>>>>>>>
>>>>>>> #-# Force to check password after LDAP connection
>>>>>>> #-# 0: disable
>>>>>>> #-# 1: enable
>>>>>>> xwiki.authentication.ldap.validate_password=0
>>>>>>>
>>>>>>> #-# only members of the following group will be verified in the
> LDAP
>>>>>>> # otherwise only users that are found after searching starting
from
>>>> the
>>>>>>> base_DN
>>>>>>> #xwiki.authentication.ldap.user_group=o=wlgore
>>>>>>>
>>>>>>> #-# base DN for searches
>>>>>>> #xwiki.authentication.ldap.base_DN=o=wlgore
>>>>>>>
>>>>>>> #-# Specifies the LDAP attribute containing the identifier to be
> used
>>>> as
>>>>>>> the XWiki name (default=cn)
>>>>>>> xwiki.authentication.ldap.UID_attr=uid
>>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# Specifies the LDAP attribute containing the password to be
used
>>>>>> "when
>>>>>>> xwiki.authentication.ldap.validate_password" is set to 1
>>>>>>> # xwiki.authentication.ldap.password_field=userPassword
>>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# The potential LDAP groups classes. Separated by commas.
>>>>>>>
>>>>>>
>>>>
>>>
>
xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top
>>>>>>>
>>> #xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames
>>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# The potential names of the LDAP groups fields containings the
>>>>>> members.
>>>>>>> Separated by commas.
>>>>>>> xwiki.authentication.ldap.group_memberfields=member,equivalentToMe
>>>>>>>
>>>>>>> #-# retrieve the following fields from LDAP and store them in the
>>>> XWiki
>>>>>>> user object (xwiki-attribute=ldap-attribute)
>>>>>>> #-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user
> object
>>>>>> for
>>>>>>> faster access
>>>>>>>
>>>>>>
>>>>
>>>
>
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
>>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# on every login update the mapped attributes from LDAP to XWiki
>>>>>>> otherwise this happens only once when the XWiki account is
created.
>>>>>>> xwiki.authentication.ldap.update_user=1
>>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# mapps XWiki groups to LDAP groups, separator is "|"
>>>>>>>
>>>>>>
>>>>
>>>
>
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>>
>>>>>>
>>>>
>>>
>
XWiki.MSOEGroup=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>>
>>>>>>
>>>>
>>>
>
XWiki.MedicalFabricsAdmGroup=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>>
>>>>>>
>>>>
>>>
>
XWiki.MedicalFabricsGroup=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# time in s after which the list of members in a group is
> refreshed
>>>>>> from
>>>>>>> LDAP (default=3600*6)
>>>>>>> xwiki.authentication.ldap.groupcache_expiration=60
>>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# - create : synchronize group membership only when the user is
>>>> first
>>>>>>> created
>>>>>>> #-# - always: synchronize on every login
>>>>>>> xwiki.authentication.ldap.mode_group_sync=always
>>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# if ldap authentication fails for any reason, try XWiki DB
>>>>>>> authentication with the same credentials
>>>>>>> xwiki.authentication.ldap.trylocal=1
>>>>>>>
>>>>>>> Thanks!
>>>>>>> Thomas
>>>>>>> _______________________________________________
>>>>>>> users mailing list
>>>>>>> users@xwiki.org
>>>>>>> http://lists.xwiki.org/mailman/listinfo/users
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Thomas Mortagne
>>>>>> _______________________________________________
>>>>>> users mailing list
>>>>>> users@xwiki.org
>>>>>> http://lists.xwiki.org/mailman/listinfo/users
>>>>>>
>>>>>> _______________________________________________
>>>>>> users mailing list
>>>>>> users@xwiki.org
>>>>>> http://lists.xwiki.org/mailman/listinfo/users
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Thomas Mortagne
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Thomas Mortagne
>>>> _______________________________________________
>>>> users mailing list
>>>> users@xwiki.org
>>>> http://lists.xwiki.org/mailman/listinfo/users
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@xwiki.org
>>>> http://lists.xwiki.org/mailman/listinfo/users
>>>>
>>>
>>>
>>>
>>> --
>>> Thomas Mortagne
>>> _______________________________________________
>>> users mailing list
>>> users@xwiki.org
>>> http://lists.xwiki.org/mailman/listinfo/users
>>>
>>> _______________________________________________
>>> users mailing list
>>> users@xwiki.org
>>> http://lists.xwiki.org/mailman/listinfo/users
>>>
>>
>>
>>
>> --
>> Thomas Mortagne
>>
>
>
>
> --
> Thomas Mortagne
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Thomas Mortagne
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
