Hi Ryan,
Thanks for that, shortly realised afterwards my mistake.
It seems that my ldap config isn't searching before binding:
Config:
require_once ('extensions/LdapAuthentication.php');
$wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDebug = 3; $wgDebugLogGroups["ldap"] = "C:\NewDebug.log" ;
$wgLDAPDomainNames = array( 'localdomain.local' );
$wgLDAPServerNames = array( 'localdomain.local' => 'DC1.localdomain.local DC2.localdomain.local' );
$wgLDAPSearchStrings = array( 'localdomain.local' => 'uid=USER-NAME,OU=Users,DC=localdomain,DC=local' );
$wgLDAPEncryptionType = array( 'localdomain.local' => 'ssl' );
$wgMinimalPasswordLength = 1;
$wgLDAPProxyAgent = array( 'localdomain.local' => 'cn=MediaWikiLDAPSearcher,ou=Users,dc=localdomain,dc=local' );
$wgLDAPProxyAgentPassword = array( 'localdomain.local' => 'MyLDAPSearcherPassword' );
Debug:
2011-02-01 21:11:11 wikidb: Entering validDomain 2011-02-01 21:11:11 wikidb: User is using a valid domain. 2011-02-01 21:11:11 wikidb: Setting domain as: localdomain.local 2011-02-01 21:11:11 wikidb: Entering getCanonicalName 2011-02-01 21:11:11 wikidb: Username isn't empty. 2011-02-01 21:11:11 wikidb: Munged username: someuser 2011-02-01 21:11:11 wikidb: Entering userExists 2011-02-01 21:11:11 wikidb: 2011-02-01 21:11:11 wikidb: Entering authenticate 2011-02-01 21:11:11 wikidb: 2011-02-01 21:11:11 wikidb: Entering Connect 2011-02-01 21:11:11 wikidb: Using SSL 2011-02-01 21:11:11 wikidb: Using servers: ldaps://DC1.localdomain.local ldaps://DC2.localdomain.local 2011-02-01 21:11:11 wikidb: Connected successfully 2011-02-01 21:11:11 wikidb: Entering getSearchString 2011-02-01 21:11:11 wikidb: Doing a straight bind 2011-02-01 21:11:11 wikidb: userdn is: uid=someuser,OU=Users,DC=localdomain,DC=local 2011-02-01 21:11:11 wikidb: 2011-02-01 21:11:11 wikidb: Binding as the user 2011-02-01 21:11:11 wikidb: Failed to bind as uid=someuser,OU=Users,DC=localdomain,DC=local 2011-02-01 21:11:11 wikidb: Entering allowPasswordChange 2011-02-01 21:11:11 wikidb: Entering modifyUITemplate
On Tue, Feb 1, 2011 at 9:12 PM, Ryan Lane rlane32@gmail.com wrote:
$wgLDAPDebug = 3; $wgDebugLogFile = 'C:\LDAPDebug.log'; require_once ('extensions/LdapAuthentication.php');
$wgAuth = new LdapAuthenticationPlugin(); //LDAP Code from "Single Domain Requiring Search Before Binding" Including proxy settings.
Please see: http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Options#Debuggin...
I use a specific log group so that the logs will be separated out:
$wgDebugLogGroups["ldap"] = "C:\LDAPDebug.log";
Also, place options after the $wgAuth line, not before it.
- Ryan Lane
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l