I've tried two other configurations. Here are the three total
configurations I've tried and the three subsequent results. Let me know
what you think might be wrong:
Configuration:
## This is the LDAP method
require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "LehighLDAP" );
$wgLDAPServerNames = array( "LehighLDAP"=>"ad.lehigh.edu" );
$wgLDAPSearchStrings = array(
"LehighLDAP"=>"cn=USER-NAME,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu"
);
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( "LehighLDAP"=>"" );
$wgMinimalPasswordLength = 1;
Result:
Entering validDomain
User is using a valid domain.
Setting domain as: LehighLDAP
Entering validDomain
User is using a valid domain.
Entering userExists
Entering authenticate
Entering Connect
Using TLS or not using encryption.
Using servers:
ldap://ad.lehigh.edu
Connected successfully
Entering getSearchString
Doing a straight bind
userdn is: cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Binding as the user
Failed to bind as cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Entering modifyUITemplate
-------------------------------------------------------------------------
Configuration:
## This is the AD method
require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "LehighUniversityAD" );
$wgLDAPServerNames = array( "LehighUniversityAD"=>"ad.lehigh.edu"
);
$wgLDAPSearchStrings = array(
"LehighUniversityAD"=>"ad.lehigh.edu\\USER-NAME" );
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( "LehighUniversityAD"=>"" );
$wgLDAPUseLocal = false;
$wgMinimalPasswordLength = 1;
Result:
Entering validDomain
User is using a valid domain.
Setting domain as: LehighUniversityAD
Entering validDomain
User is using a valid domain.
Entering userExists
Entering authenticate
Entering Connect
Using TLS or not using encryption.
Using servers:
ldap://ad.lehigh.edu
Connected successfully
Entering getSearchString
Doing a straight bind
userdn is: ad.lehigh.edu\tmm8
Binding as the user
Failed to bind as ad.lehigh.edu\tmm8
Entering modifyUITemplate
-------------------------------------------------------------------------
Configuration:
require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "LehighLDAP2" );
$wgLDAPServerNames = array( "LehighLDAP2"=>"ad.lehigh.edu" );
$wgLDAPSearchAttributes = array( "LehighLDAP2"=>"cn" );
$wgLDAPBaseDNs = array(
"LehighLDAP2"=>"ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu" );
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( "LehighLDAP2"=>"" );
$wgMinimalPasswordLength = 1;
Result:
Entering validDomain
User is using a valid domain.
Setting domain as: LehighLDAP2
Entering validDomain
User is using a valid domain.
Entering userExists
Entering authenticate
Entering Connect
Using TLS or not using encryption.
Using servers:
ldap://ad.lehigh.edu
Connected successfully
Entering getSearchString
Doing an anonymous bind
Entering getUserDN
Created a regular filter: (cn=tmm8)
Using base: ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Couldn't find an entry
userdn is:
User DN is blank
Entering modifyUITemplate
Tim McGeary '99, '06G
Senior Systems Specialist
Lehigh University
610-758-4998
tim.mcgeary(a)lehigh.edu
Tim McGeary wrote:
Ok, I'm trying to authentication to an AD server.
We can use it as an
LDAP server and not straight AD. So I'm doing the following configuration:
## This is the LDAP method
require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "LehighLDAP" );
$wgLDAPServerNames = array( "LehighLDAP"=>"ad.lehigh.edu" );
$wgLDAPSearchStrings = array(
"LehighLDAP"=>"cn=USER-NAME,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu"
);
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( "LehighLDAP"=>"" );
$wgMinimalPasswordLength = 1;
I'm trying to create a Mediawiki account, because my username isn't in
the DB, yet. So when I fill out the username, password, pw-confirm, and
real name, the result of the log output is the following:
Entering validDomain
User is using a valid domain.
Setting domain as: LehighLDAP
Entering validDomain
User is using a valid domain.
Entering userExists
Entering authenticate
Entering Connect
Using TLS or not using encryption.
Using servers:
ldap://ad.lehigh.edu
Connected successfully
Entering getSearchString
Doing a straight bind
userdn is: cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Binding as the user
Failed to bind as cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu
Entering modifyUITemplate
I'm definitely using the correct password, and I've confirm with the AD
admin that cn=tmm8,ou=f-s,ou=ir,dc=ad,dc=lehigh,dc=edu is the correct
information. What am I missing?
Thanks,
Tim
Tim McGeary '99, '06G
Senior Systems Specialist
Lehigh University
610-758-4998
tim.mcgeary(a)lehigh.edu
Lane, Ryan wrote:
That error comes from MediaWiki, not the plugin.
Set:
$wgLDAPDebug = 3;
V/r,
Ryan Lane
-----Original Message-----
From: mediawiki-l-bounces(a)lists.wikimedia.org
[mailto:mediawiki-l-bounces@lists.wikimedia.org] On Behalf Of
Tim McGeary
Sent: Monday, July 09, 2007 1:20 PM
To: mediawiki-l(a)lists.wikimedia.org
Subject: [Mediawiki-l] difficulty configuring LDAP extension
Hi all,
I've been trying to configure the LDAP Extension and during
my testing, I am getting an error within Mediawiki that says:
"Login error: Incorrect password entered. Please try again."
The problem I am having is that there is no such error in the
LDAP extension code and no error logs being produced, so I
have no clue what part of my configuration is wrong. Am I
not finding the ldap server, am I not connecting, am I not
binding, am I failing in a search for the user?
Anyone know how I can find out what the real error is?
Thanks,
Tim McGeary
--
Tim McGeary '99, '06G
Senior Systems Specialist
Lehigh University
610-758-4998
tim.mcgeary(a)lehigh.edu
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l