Thank you for your response, I will do that but I have a question: Do I have to 
enable the logging in XWiki. I found this page: 
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Logging There it is said 
that the logging is already enabled at xwiki. But where does XWi,ki store the 
logging file? I uses Tomcat 5 with mod_jk to apache, and both packages are 
installed with the rpm manager. Is it possible to "tell" XWiki where the 
logging file should be stored? I am not familiar with common logging.  

Thanks,
Florian

-----Ursprüngliche Nachricht-----
Von: users-boun...@xwiki.org [mailto:users-boun...@xwiki.org] Im Auftrag von 
Thomas Mortagne
Gesendet: Freitag, 07. Mai 2010 15:31
An: XWiki Users
Betreff: Re: [xwiki-users] LDAP Autentication do not work anymore

Again, could you try to enable debug log and see what you have in the
log, it should tel you exactly why authentication partly failed.

BTW what version of XWiki is it ?

On Fri, May 7, 2010 at 14:05, Florian Rhomberg
<florian.rhomb...@nettania.at> wrote:
> Hello!
> It exactly the same version I only copied the whole XWiki folder from one 
> server to the other server. The only difference can be that we installed the 
> current Service Pack on our Windows 2008 server. But as I already said on the 
> first logon (the user don not exist in XWiki) all datas like the Surname, 
> Firstname, E-Mail address are transferred correctly from the Active 
> Directory. I tried with Softerra LDAP if an anonymous access to the LDAP is 
> possible but it is not possible. So XWiki can only get the user-data if the 
> connection to the LDAP works. On the server we also have Ilias which also 
> uses LDAP and it works without problems.
>
> I will post the xwiki.cfg settings beneath.
>
> Greetings,
> Florian
>
> Xwiki.cfg:
>
> #-------------------------------------------------------------------------------------
> # LDAP
> #-------------------------------------------------------------------------------------
>
> #-# new LDAP authentication service
> xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
>
> #-# Turn LDAP authentication on - otherwise only XWiki authentication
> #-# 0: disable
> #-# 1: enable
> xwiki.authentication.ldap=1
>
> #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
> xwiki.authentication.ldap.server=AD1.edv.domain.at
> xwiki.authentication.ldap.port=389
>
> #-# LDAP login, empty = anonymous access, otherwise specify full dn
> #-# {0} is replaced with the username, {1} with the password
> #xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP
> #xwiki.authentication.ldap.bind_pass={1}
>
> xwiki.authentication.ldap.bind_DN=edv\\{0}
> xwiki.authentication.ldap.bind_pass={1}
>
>
> #-# Force to check password after LDAP connection
> #-# 0: disable
> #-# 1: enable
> xwiki.authentication.ldap.validate_password=0
>
> #-# only members of the following group will be verified in the LDAP
> #-# otherwise only users that are found after searching starting from the 
> base_DN
> # xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US
>
> #-# [Since 1.5RC1, XWikiLDAPAuthServiceImpl]
> #-# only users not member of the following group can autheticate
> # xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US
>
> #-# base DN for searches
> xwiki.authentication.ldap.base_DN=dc=edv,dc=domain=at
>
> #-# Specifies the LDAP attribute containing the identifier to be used as the 
> XWiki name (default=cn)
> # xwiki.authentication.ldap.UID_attr=cn
>
> xwiki.authentication.ldap.UID_attr=sAMAccountName
>
> #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
> #-# Specifies the LDAP attribute containing the password to be used "when 
> xwiki.authentication.ldap.validate_password" is set to 1
> # xwiki.authentication.ldap.password_field=userPassword
>
> #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
> #-# The potential LDAP groups classes. Separated by commas.
> # 
> xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
>
> #-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
> #-# The potential names of the LDAP groups fields containings the members. 
> Separated by commas.
> # xwiki.authentication.ldap.group_memberfields=member,uniqueMember
>
> xwiki.authentication.ldap.group_memberfields=HTL-Lehrer
>
> #-# retrieve the following fields from LDAP and store them in the XWiki user 
> object (xwiki-attribute=ldap-attribute)
> #xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
>
> xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
>
> #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
> #-# on every login update the mapped attributes from LDAP to XWiki otherwise 
> this happens only once when the XWiki account is created.
> xwiki.authentication.ldap.update_user=1
>
> #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
> #-# mapps XWiki groups to LDAP groups, separator is "|"
> # 
> xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\
> #                                        
> XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US
>
> #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
> #-# time in s after which the list of members in a group is refreshed from 
> LDAP (default=3600*6)
> xwiki.authentication.ldap.groupcache_expiration=21800
>
> #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
> #-# - create : synchronize group membership only when the user is first 
> created
> #-# - always: synchronize on every login
> xwiki.authentication.ldap.mode_group_sync=always
>
> #-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
> #-# if ldap authentication fails for any reason, try XWiki DB authentication 
> with the same credentials
> xwiki.authentication.ldap.trylocal=1
>
> -----Ursprüngliche Nachricht-----
> Von: users-boun...@xwiki.org [mailto:users-boun...@xwiki.org] Im Auftrag von 
> Thomas Mortagne
> Gesendet: Freitag, 07. Mai 2010 13:07
> An: XWiki Users
> Betreff: Re: [xwiki-users] LDAP Autentication do not work anymore
>
> On Fri, May 7, 2010 at 12:56, Florian Rhomberg
> <florian.rhomb...@nettania.at> wrote:
>> Hello!
>> Last week I was able to configure the XWiki authentication against an 
>> Windows 2008 AD. Everything worked. Now I transferred the wiki from the test 
>> system to the working environment and now the authentication do not work 
>> anymore. If I try to log in with an AD User I get the message "invalid 
>> Credentials". The strange thing is that if I use a user which has not ever 
>> entered the XWiki I get the same message. But if I log in with the admin 
>> account and look on the user list the user exists and all datas a correctly 
>> transferred from the AD, therefore the connection works but I cannot enter. 
>> What can be the reason for that, I do not understand this!
>
> Did you changed anythings ? It's exactly the same version ?
>
> Try to enable debug log
> (http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLDAPdebuglog)
> and see what you get.
>
>>
>> Thanks,
>> Florian
>> _______________________________________________
>> users mailing list
>> users@xwiki.org
>> http://lists.xwiki.org/mailman/listinfo/users
>>
>
>
>
> --
> Thomas Mortagne
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>



-- 
Thomas Mortagne
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users

Reply via email to