Dear all, i followed all the instructions from the forums http://platform.xwiki.org/xwiki/bin/view/AdminGuide/LDAPAuthenticationUseCases "My users are not located in the same organization unit" i set the xwiki.authentication.ldap.bind_DN= xwiki.authentication.ldap.bind_pass= to a user which is allowed to search everywhere (and this works in another application fine (OTRS)) Also i read about storing then dn in ldap_dn (and removed it from the config) xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=fullName,email=mail
so i have a specific user which is not found in LDAP who is in another OU here is the log 20:04:35,393 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 20:04:35,393 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConfig - ldap_group_classes: [groupofnames, groupwisedistributionlist, dynamicgroup, dynamicgroupaux, groupofuniquenames, group] 20:04:35,393 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConfig - ldap_group_memberfields: [member, uniquemember] 20:04:35,393 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConnection - Connection to LDAP server [aohdc03.asamer.holding.ah:389] 20:04:35,408 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConnection - Binding to LDAP server with credentials login=[CN=otrs,OU=ServicesAccounts,DC=asamer,DC=holding,DC=ah] 20:04:35,440 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPUtils - Searching for the user in LDAP: user:naasal base:DC=holding,DC=ah query:(sAMAccountName=naasal) uid:sAMAccountName 20:04:35,440 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConnection - LDAP search: baseDN=[DC=holding,DC=ah] query=[(sAMAccountName=naasal)] attr=[[sAMAccountName, sn, givenName, fullName, mail]] ldapScope=[2] 20:04:35,455 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConnection - LDAP Search failed LDAPReferralException: Automatic referral following not enabled (10) Referral LDAPReferralException: Server Message: 0000202B: RefErr: DSID-0310063C, data 0, 1 access points ref 1: 'holding.ah' LDAPReferralException: Referral: ldap://holding.ah/DC=holding,DC=ah at com.novell.ldap.LDAPResponse.getResultException(Unknown Source) at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source) at com.novell.ldap.LDAPSearchResults.next(Unknown Source) at com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.searchLDAP(XWikiLDAPConnection.java:306) at com.xpn.xwiki.plugin.ldap.XWikiLDAPUtils.searchUserAttributesByUid(XWikiLDAPUtils.java:548) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:372) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:202) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) at com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) at com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:135) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Unknown Source) 20:04:35,455 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG ldap.XWikiLDAPConnection - LDAP search found attributes: null 20:04:35,455 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. com.xpn.xwiki.XWikiException: Error number 8001 in 8: Can't find LDAP user DN for [naasal] at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:386) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:202) at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) at com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) at com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) at com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:135) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Unknown Source) 20:04:35,455 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB 20:04:35,471 [http://asawida/bin/loginsubmit/XWiki/XWikiLogin] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [naasal] while this is a successfull connection 20:36:49,190 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - Connection to LDAP server [aohdc03.asamer.holding.ah:389] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - Binding to LDAP server with credentials login=[CN=otrs,OU=ServicesAccounts,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Found user dn with the user object: CN=Fürtbauer Wolfgang,OU=Poweruser,DC=asamer,DC=holding,DC=ah 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes will be used to update XWiki attributes. 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - LDAP search: baseDN=[CN=Fürtbauer Wolfgang,OU=Poweruser,DC=asamer,DC=holding,DC=ah] query=[null] attr=[[sAMAccountName, sn, givenName, fullName, mail]] ldapScope=[0] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - - values for attribute "givenName" 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - |- [Wolfgang] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - - values for attribute "sn" 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - |- [Fürtbauer] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - - values for attribute "mail" 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - |- [[email protected]] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - - values for attribute "sAMAccountName" 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - |- [fuewol] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConnection - LDAP search found attributes: [{name=dn value=CN=Fürtbauer Wolfgang,OU=Poweruser,DC=asamer,DC=holding,DC=ah}, {name=givenName value=Wolfgang}, {name=sn value=Fürtbauer}, {name=mail [email protected]}, {name=sAMAccountName value=fuewol}] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with LDAP attribues located at CN=Fürtbauer Wolfgang,OU=Poweruser,DC=asamer,DC=holding,DC=ah 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Start synchronising LDAP profile [[{name=dn value=CN=Fürtbauer Wolfgang,OU=Poweruser,DC=asamer,DC=holding,DC=ah}, {name=givenName value=Wolfgang}, {name=sn value=Fürtbauer}, {name=mail [email protected]}, {name=sAMAccountName value=fuewol}]] with user profile based on mapping {mail=email, sn=last_name, givenname=first_name, samaccountname=name, fullname=fullname} 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.XWikiAdminGroup [CN=xwiki_Admin,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.ViewAllGroup [CN=xwiki_ViewAll,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.ACGroup [CN=xwiki_AC,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.CEGroup [CN=xwiki_CE,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.FNGroup [CN=xwiki_FN,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.HRGroup [CN=xwiki_HR,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.IMGroup [CN=xwiki_IM,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.INGroup [CN=xwiki_IN,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.ITGroup [CN=xwiki_IT,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.ITsecureGroup [CN=xwiki_ITsecure,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.JSGroup [CN=xwiki_JS,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.LDGroup [CN=xwiki_LD,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.PDGroup [CN=xwiki_PD,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.PDsecureGroup [CN=xwiki_PDsecure,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.PRGroup [CN=xwiki_PR,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.PTGroup [CN=xwiki_PT,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG ldap.XWikiLDAPConfig - Groupmapping found: XWiki.QAGroup [CN=xwiki_QA,OU=xWiki Groups,DC=asamer,DC=holding,DC=ah] 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating group membership for the user: XWiki.fuewol 20:36:49,205 [http://asawida/bin/view/Main/] [http-80-1] DEBUG LDAP.XWikiLDAPAuthServiceImpl - The user belongs _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
