LDAP authentication problem in Active Directory
jimmy at comkraft.com
jimmy at comkraft.com
Sun May 20 06:11:25 CEST 2007
Hi,
I have tried a while to switch to Active Directory (AD) for our xwiki (1.0
RC 4) authentication but was not successful so far. I took a look at the
code (LDAPAuthServiceImpl.java) and found out the error I keep getting is:
"Not such attribute"
when the code tries to compare the user input password and the real
password stored in AD using the attribute "userPassword". I guess the
reason is the binding user I use (a regular user account) doesn't have
permission to the userPassword attribute. Could someone please shed some
light on if this could be the problem?
btw, I changed the check_level from the default 1 to 2 since 1 doesn't
check password at all - which defeats the purpose of authentication. It
would allow user to log in as long as the user has the correct userid.
I am wondering why we even need this option here.
xwiki.authentication.ldap.check_level=2
I also hardcoded my CN/password in the bind_Pass and bind_DN section. the
{0} and {1} thing failed in the binding when I entered my
username(sAMAccountName) and password.
Any of your help will be highly appreciated.
Thanks
-Jimmy
More information about the users
mailing list