I've tried two other configurations. Here are the three total configurations I've tried and the three subsequent results. Let me know what you think might be wrong:
Configuration:
## This is the LDAP method require_once( 'LdapAuthentication.php' ); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( "LehighLDAP" ); $wgLDAPServerNames = array( "LehighLDAP"=>"ad.lehigh.edu" ); $wgLDAPSearchStrings = array( "LehighLDAP"=>"cn=USER-NAME,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu" ); $wgLDAPUseSSL = false; $wgLDAPEncryptionType = array( "LehighLDAP"=>"" ); $wgMinimalPasswordLength = 1;
Result:
Entering validDomain User is using a valid domain. Setting domain as: LehighLDAP Entering validDomain User is using a valid domain. Entering userExists Entering authenticate Entering Connect Using TLS or not using encryption. Using servers: ldap://ad.lehigh.edu Connected successfully Entering getSearchString Doing a straight bind userdn is: cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu Binding as the user Failed to bind as cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu Entering modifyUITemplate
-------------------------------------------------------------------------
Configuration:
## This is the AD method require_once( 'LdapAuthentication.php' ); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( "LehighUniversityAD" ); $wgLDAPServerNames = array( "LehighUniversityAD"=>"ad.lehigh.edu" ); $wgLDAPSearchStrings = array( "LehighUniversityAD"=>"ad.lehigh.edu\USER-NAME" ); $wgLDAPUseSSL = false; $wgLDAPEncryptionType = array( "LehighUniversityAD"=>"" ); $wgLDAPUseLocal = false; $wgMinimalPasswordLength = 1;
Result:
Entering validDomain User is using a valid domain. Setting domain as: LehighUniversityAD Entering validDomain User is using a valid domain. Entering userExists Entering authenticate Entering Connect Using TLS or not using encryption. Using servers: ldap://ad.lehigh.edu Connected successfully Entering getSearchString Doing a straight bind userdn is: ad.lehigh.edu\tmm8 Binding as the user Failed to bind as ad.lehigh.edu\tmm8 Entering modifyUITemplate
-------------------------------------------------------------------------
Configuration:
require_once( 'LdapAuthentication.php' ); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( "LehighLDAP2" ); $wgLDAPServerNames = array( "LehighLDAP2"=>"ad.lehigh.edu" ); $wgLDAPSearchAttributes = array( "LehighLDAP2"=>"cn" ); $wgLDAPBaseDNs = array( "LehighLDAP2"=>"ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu" ); $wgLDAPUseSSL = false; $wgLDAPEncryptionType = array( "LehighLDAP2"=>"" ); $wgMinimalPasswordLength = 1;
Result:
Entering validDomain User is using a valid domain. Setting domain as: LehighLDAP2 Entering validDomain User is using a valid domain. Entering userExists Entering authenticate Entering Connect Using TLS or not using encryption. Using servers: ldap://ad.lehigh.edu Connected successfully Entering getSearchString Doing an anonymous bind Entering getUserDN Created a regular filter: (cn=tmm8) Using base: ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu Couldn't find an entry userdn is: User DN is blank Entering modifyUITemplate
Tim McGeary '99, '06G Senior Systems Specialist Lehigh University 610-758-4998 tim.mcgeary@lehigh.edu
Tim McGeary wrote:
Ok, I'm trying to authentication to an AD server. We can use it as an LDAP server and not straight AD. So I'm doing the following configuration:
## This is the LDAP method require_once( 'LdapAuthentication.php' ); $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( "LehighLDAP" ); $wgLDAPServerNames = array( "LehighLDAP"=>"ad.lehigh.edu" ); $wgLDAPSearchStrings = array( "LehighLDAP"=>"cn=USER-NAME,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu" ); $wgLDAPUseSSL = false; $wgLDAPEncryptionType = array( "LehighLDAP"=>"" ); $wgMinimalPasswordLength = 1;
I'm trying to create a Mediawiki account, because my username isn't in the DB, yet. So when I fill out the username, password, pw-confirm, and real name, the result of the log output is the following:
Entering validDomain User is using a valid domain. Setting domain as: LehighLDAP Entering validDomain User is using a valid domain. Entering userExists Entering authenticate Entering Connect Using TLS or not using encryption. Using servers: ldap://ad.lehigh.edu Connected successfully Entering getSearchString Doing a straight bind userdn is: cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu Binding as the user Failed to bind as cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu Entering modifyUITemplate
I'm definitely using the correct password, and I've confirm with the AD admin that cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu is the correct information. What am I missing?
Thanks, Tim
Tim McGeary '99, '06G Senior Systems Specialist Lehigh University 610-758-4998 tim.mcgeary@lehigh.edu
Lane, Ryan wrote:
That error comes from MediaWiki, not the plugin.
Set:
$wgLDAPDebug = 3;
V/r,
Ryan Lane
-----Original Message----- From: mediawiki-l-bounces@lists.wikimedia.org [mailto:mediawiki-l-bounces@lists.wikimedia.org] On Behalf Of Tim McGeary Sent: Monday, July 09, 2007 1:20 PM To: mediawiki-l@lists.wikimedia.org Subject: [Mediawiki-l] difficulty configuring LDAP extension
Hi all,
I've been trying to configure the LDAP Extension and during my testing, I am getting an error within Mediawiki that says:
"Login error: Incorrect password entered. Please try again."
The problem I am having is that there is no such error in the LDAP extension code and no error logs being produced, so I have no clue what part of my configuration is wrong. Am I not finding the ldap server, am I not connecting, am I not binding, am I failing in a search for the user?
Anyone know how I can find out what the real error is?
Thanks, Tim McGeary
-- Tim McGeary '99, '06G Senior Systems Specialist Lehigh University 610-758-4998 tim.mcgeary@lehigh.edu
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l