Hi Ryan,
Thanks for that, shortly realised afterwards my mistake.
It seems that my ldap config isn't searching before binding:
Config:
require_once ('extensions/LdapAuthentication.php');
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDebug = 3;
$wgDebugLogGroups["ldap"] = "C:\NewDebug.log" ;
$wgLDAPDomainNames = array(
'localdomain.local'
);
$wgLDAPServerNames = array(
'localdomain.local' => 'DC1.localdomain.local DC2.localdomain.local'
);
$wgLDAPSearchStrings = array(
'localdomain.local' =>
'uid=USER-NAME,OU=Users,DC=localdomain,DC=local'
);
$wgLDAPEncryptionType = array(
'localdomain.local' => 'ssl'
);
$wgMinimalPasswordLength = 1;
$wgLDAPProxyAgent = array(
'localdomain.local' =>
'cn=MediaWikiLDAPSearcher,ou=Users,dc=localdomain,dc=local'
);
$wgLDAPProxyAgentPassword = array(
'localdomain.local' => 'MyLDAPSearcherPassword'
);
Debug:
2011-02-01 21:11:11 wikidb: Entering validDomain
2011-02-01 21:11:11 wikidb: User is using a valid domain.
2011-02-01 21:11:11 wikidb: Setting domain as: localdomain.local
2011-02-01 21:11:11 wikidb: Entering getCanonicalName
2011-02-01 21:11:11 wikidb: Username isn't empty.
2011-02-01 21:11:11 wikidb: Munged username: someuser
2011-02-01 21:11:11 wikidb: Entering userExists
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Entering authenticate
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Entering Connect
2011-02-01 21:11:11 wikidb: Using SSL
2011-02-01 21:11:11 wikidb: Using servers:
ldaps://DC1.localdomain.local ldaps://DC2.localdomain.local
2011-02-01 21:11:11 wikidb: Connected successfully
2011-02-01 21:11:11 wikidb: Entering getSearchString
2011-02-01 21:11:11 wikidb: Doing a straight bind
2011-02-01 21:11:11 wikidb: userdn is:
uid=someuser,OU=Users,DC=localdomain,DC=local
2011-02-01 21:11:11 wikidb:
2011-02-01 21:11:11 wikidb: Binding as the user
2011-02-01 21:11:11 wikidb: Failed to bind as
uid=someuser,OU=Users,DC=localdomain,DC=local
2011-02-01 21:11:11 wikidb: Entering allowPasswordChange
2011-02-01 21:11:11 wikidb: Entering modifyUITemplate
On Tue, Feb 1, 2011 at 9:12 PM, Ryan Lane <rlane32(a)gmail.com> wrote:
$wgLDAPDebug =
3;
$wgDebugLogFile = 'C:\LDAPDebug.log';
require_once ('extensions/LdapAuthentication.php');
$wgAuth = new LdapAuthenticationPlugin();
//LDAP Code from "Single Domain Requiring Search Before Binding"
Including proxy settings.
Please see:
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Options#Debuggi…
I use a specific log group so that the logs will be separated out:
$wgDebugLogGroups["ldap"] = "C:\LDAPDebug.log";
Also, place options after the $wgAuth line, not before it.
- Ryan Lane
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l