These are not correct. I have no idea where everyone keeps getting
"$wgLDAPUseSSL = false;" from, that hasn't been a config option in over
a year :). If you don't want to use encryption, use:
$wgLDAPEncryptionType = array( "LehighLDAP"=>"clear" );
See:
rver_and_connection_configuration_options for more information on
encryption.
However, notice that AD, by default, is configured to require encryption
when binding to the server. Unless your admin specifically turned that
off, you may need to use encryption (either TLS, or SSL). You'll need to
ensure the AD server has an SSL certificate installed that is signed by
a CA your server trusts.
Also, are you using an older version of the plugin? I coulda swore the
plugin fails when TLS doesn't start properly. I can't find it in the
changelog, so I can't tell you the exact version I fixed that in...
V/r,
Ryan Lane
I'm trying to create a Mediawiki account,
because my username
isn't in the DB, yet. So when I fill out the username,
password, pw-confirm, and real name, the result of the log
output is the following:
Entering validDomain
User is using a valid domain.
Setting domain as: LehighLDAP
Entering validDomain
User is using a valid domain.
Entering userExists
Entering authenticate
Entering Connect
Using TLS or not using encryption.
Using servers:
ldap://ad.lehigh.edu
Connected successfully
Entering getSearchString
Doing a straight bind
userdn is: cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Binding as the user
Failed to bind as cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Entering modifyUITemplate
I'm definitely using the correct password, and I've confirm
with the AD admin that
cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu is the correct
information. What am I missing?
Thanks,
Tim
Tim McGeary '99, '06G
Senior Systems Specialist
Lehigh University
610-758-4998
tim.mcgeary(a)lehigh.edu
Lane, Ryan wrote:
That error comes from MediaWiki, not the plugin.
Set:
$wgLDAPDebug = 3;
V/r,
Ryan Lane
-----Original Message-----
From: mediawiki-l-bounces(a)lists.wikimedia.org
[mailto:mediawiki-l-bounces@lists.wikimedia.org] On Behalf Of Tim
McGeary
Sent: Monday, July 09, 2007 1:20 PM
To: mediawiki-l(a)lists.wikimedia.org
Subject: [Mediawiki-l] difficulty configuring LDAP extension
Hi all,
I've been trying to configure the LDAP Extension and during my
testing, I am getting an error within Mediawiki that says:
"Login error: Incorrect password entered. Please try again."
The problem I am having is that there is no such error in the LDAP
extension code and no error logs being produced, so I have no clue
what part of my configuration is wrong. Am I not finding the ldap
server, am I not connecting, am I not binding, am I failing in a
search for the user?
Anyone know how I can find out what the real error is?
Thanks,
Tim McGeary
--
Tim McGeary '99, '06G
Senior Systems Specialist
Lehigh University
610-758-4998
tim.mcgeary(a)lehigh.edu
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l