Hello,
I seem to have a LDAP configuration problem which I can not solve. I'm tryin
gto authenticate to a AD Windows 2008 domain. The domain is standard one
forest, one domain named mega.local. I;ve configured xwiki.cfg according
instructions with:
#-------------------------------------------------------------------------------------
# LDAP
#-------------------------------------------------------------------------------------
#-# new LDAP authentication service
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
xwiki.authentication.ldap.server=hf-dom02.mega.local
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the username, {1} with the password
xwiki.authentication.ldap.bind_DN=mega\\sa_ad
xwiki.authentication.ldap.bind_pass=.....
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
#-# only members of the following group will be verified in the LDAP
#-# otherwise only users that are found after searching starting from the
base_DN
# xwiki.authentication.ldap.user_group=cn=Users
#-# [Since 1.5RC1, XWikiLDAPAuthServiceImpl]
#-# only users not member of the following group can autheticate
# xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US
#-# base DN for searches
xwiki.authentication.ldap.base_DN=dc=mega,dc=local
#-# Specifies the LDAP attribute containing the identifier to be used as the
XWiki name (default=cn)
xwiki.authentication.ldap.UID_attr=saAMAccountName
But all searches failed with the following error. Anyone ideas left?
2009-11-13 13:53:47,157
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
INFO .AbstractXWikiMigrationManager - No storage migration required since
current version is [15429]
2009-11-13 13:53:48,735
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG LDAP.XWikiLDAPAuthServiceImpl - The provided user is null. We don't
try to authenticate, it probably means the user is in non logged mode.
2009-11-13 13:53:48,735
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG ldap.XWikiLDAPConfig - ldap_group_classes: [groupofnames,
groupwisedistributionlist, dynamicgroup, dynamicgroupaux, groupofuniquenames,
group]
2009-11-13 13:53:48,735
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin] DEBUG
ldap.XWikiLDAPConfig - ldap_group_memberfields: [member,
uniquemember<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20DEBUG%20ldap.XWikiLDAPConfig%20 -%20ldap_group_memberfields:%20%5bmember,%20uniquemember>]
2009-11-13 13:53:48,767
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG ldap.XWikiLDAPConnection - Connection to LDAP server
[hf-dom02.mega.local:389]
2009-11-13 13:53:48,782
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG ldap.XWikiLDAPConnection - Binding to LDAP server with
credentials login=[mega\sa_ad]
2009-11-13 13:53:48,813
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG ldap.XWikiLDAPUtils - Searching for the user in LDAP:
user:p.rijnhout base:dc=mega,dc=local query:(saAMAccountName=p.rijnhout)
uid:saAMAccountName
2009-11-13 13:53:48,813
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin] DEBUG
ldap.XWikiLDAPConnection - LDAP search:
baseDN=[dc=mega,dc=local<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20DEBUG%20ldap.XWikiLDAPConnection%20 -%20LDAP%20search:%20baseDN=%5bdc=mega,dc=local>]
query=[(saAMAccountName=p.rijnhout)] attr=[[sn, givenName, mail]] ldapScope=[2]
2009-11-13 13:53:48,829
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin]
[http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin<http://ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin%5d%20%5bhttp:/ict.mega.local/bin/loginsubmit/XWiki/XWikiLogin>]
DEBUG ldap.XWikiLDAPConnection - LDAP Search failed
LDAPReferralException: Search result reference received, and referral following
is off (10) Referral
LDAPReferralException: Referral:
ldap://ForestDnsZones.mega.local/DC=ForestDnsZones,DC=mega,DC=local
at com.novell.ldap.LDAPSearchResults.next(Unknown Source)
at com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.searchLD
Met vriendelijke groet/Best regards,
Paul Rijnhout
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
