[Mediawiki-l] LDAP Authentication to Novell eDirectory

Herb Parsons hparsons56 at gmail.com
Mon Sep 21 22:02:28 UTC 2009 

Thanks for your response! I had tried leaving a message on your blog, good
to find you here! I'll do my best on answering:

1) Versions
  Product Version MediaWiki <http://www.mediawiki.org/> 1.15.1
PHP<http://www.php.net/> 5.2.6
(apache2handler) MySQL <http://www.mysql.com/> 5.0.67
  Product Version MediaWiki <http://www.mediawiki.org/> 1.15.1
PHP<http://www.php.net/> 5.2.6
(apache2handler) MySQL <http://www.mysql.com/> 5.0.67
  Product Version MediaWiki <http://www.mediawiki.org/> 1.15.1
PHP<http://www.php.net/> 5.2.6
(apache2handler) MySQL <http://www.mysql.com/> 5.0.67
  Product Version MediaWiki <http://www.mediawiki.org/> 1.15.1
PHP<http://www.php.net/> 5.2.6
(apache2handler) MySQL <http://www.mysql.com/> 5.0.67
  MediaWiki 1.15.1
  LDAP Plugin 1.2a (beta)
2) LDAP support for PHP
  I THINK so. I was under the impression that the SLES 11 server has this
built in. How do I confirm (especially since you think this is the issue)

3) LDAP enabled - Yes, I've tried several different configurations, here is
the most current (sorry, I have to hide actual container names, but I think
you'll get the idea):

#LDAP Authentication
Require_once( 'extensions/LDAPAuthentication/LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( "FOSAWiki" );
$wgLDAPServerNames = array( "FOSAWiki"=>"172.28.xxx.xxx"  );
$wgLDAPSearchStrings = array(
"FOSAWiki"=>"cn=USER-NAME,ou=SecondLevel,ou=FirstLevel,o=ORGANIZATION" );
$wgLDAPSearchAttributes = array( "FOSAWiki"=>"uid" );
$wgLDAPUseSSL = array( "{Wiki Identity variable}"=>"ssl" );
$wgMinimalPasswordLength = 1;

4) I have to apologize on this one. I'm not familiar enough with Linux to
know where to look in the log files. Issuing a netstat from the Linux box
running the MW system just gives me a screen shot of current activity.
Running it on the NetWare server (that has eDirectory/LDAP services) gave
me a prompt for additional swtiches (I was surprised, I didn't realize there
was a netstat nlm for NetWare).

Usage:  netstat [-aLn] [-f address_family]
        netstat [-rn] [-f address_family]
        netstat [-bdi] [-I interface] -w wait
        netstat [-s] [-p protocol]
        netstat [-s] [-f address_family] [-i] [-I interface]
        netstat -help

List of possible address families:
        inet (DARPA Internet)
5) I tried turning on debugging, but am not 100% sure I placed the /tmp
directory correctly. On my server, apache2 runs out of /srv/www/ with the
default docs directory /srv/www/htdocs I have MediaWiki running out of
/srv/www/htdocs/w I added the following tmp directories /srv/www/htdocs/tmp
and /srv/www/htdocs/w/tmp with debug.log in both, and both set to 666 (for
now) on rights. I added the following to the local configuration file, but
both debug.log files remain unchanged when enabling the LDAP module:

$wgLDAPDebug = 1;
$wgDebugLogGroups["ldap"] = "/tmp/debug.log" ;

===
Again, thanks for your response, and sorry for being such a noob to Linux.


On Mon, Sep 21, 2009 at 4:23 PM, Lane, Ryan
<Ryan.Lane at ocean.navo.navy.mil>wrote:

>  * What versions of MediaWiki and the LDAP plugin are you using?
> * Is LDAP support for PHP available?
> * Do you have the LDAP plugin enabled at the bottom of LocalSettings.php?
> * Is the client connecting to the eDirectory server at all? Check netstat,
> and check your logs for connections. If it is connecting, and immediately
> disconnecting, you have an SSL/TLS trust issue.
> * Turn on debugging on the plugin [1]
>
> I'm betting LDAP support isn't available in PHP.
>
> V/r,
>
> Ryan Lane
>
> [1]
>
> http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Options#Debuggin
> g_options
>
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
>

More information about the MediaWiki-l mailing list