Can anybody help with some fresh ideas on how to get mediawiki to
authenticate users against a windows 2003 AD using the
LdapAuthentication.php patch?
Details
* AD is single domain, "home.local"
* Has only one ou=wiki
* OU contains a test user with uid=test1
The following debug messages with $wgLDAPDebug = 3 are generated and all
attempts/combinations fail to bind during a straight bind or a proxy bind
Entering validDomain<br>
User is using a valid domain<br>
Entering getCanonicalName<br>
Munged username: Administrator<br>
Entering userExists<br>
Entering Connect<br>
Entering Connect<br>
Using servers: ldap://Home.Local<br>
Connected successfully<br>
Entering getSearchString<br>
Doing a straight bind<br>
userdn is: Home\Administrator<br>
Binding as the user<br>
Failed to bind as Home\Administrator<br>
Also fails to bind with the following proxy agent settings:
#$wgLDAPProxyAgent = "cn=Tester1, dc=Home,dc=Local";
#$wgLDAPProxyAgentPassword = "password"; //You should also be able to use a
hash!
I have tried the following search strings and search attributes settings
(without the #) as well as a proxy agent setting
* $wgLDAPSearchStrings =
array("Home"=>"uid=USER-NAME,CN=Users,dc=Home,dc=Local" );
* $wgLDAPSearchAttributes = array( "Home"=>"sAMAccountName" );
* $wgLDAPSearchAttributes = array( "Home"=>"uid" );
* $wgLDAPSearchStrings = array( "Home"=>"Home\\USER-NAME" );
I have proved that PHP can connect to the Ad via LDAP using a PHP script I
found to test the connection.
Can anybody assist with what I'm missing here and apply a fresh pair of eyes
to this problem?
Shane