[xwiki-users] Active Directory 2.

Mihails Agafonovs _muxa at inbox.lv
Thu Jul 17 09:49:32 CEST 2008 

I do have successfully configured authentication to AD. You can try
the following configuration:

xwiki.authentication.ldap.bind_DN={0}
xwiki.authentication.ldap.bind_pass={1}
 xwiki.authentication.ldap.UID_attr=cn
xwiki.authentication.ldap.bind_DN=anyusername.surname at domain.com
xwiki.authentication.ldap.bind_pass=anyusername.surname's password

Then, your users'll have to login using name.surname as a username,
since the authentication using sAMAccountName is yet implemented(?).

 Quoting Zoltan Gyula Beck : Hi Philip!
 Yes, all of my users can see the ldap tree, I tried with
ldapbrowser.
 Any other ideas?
 bzg
 2008/7/16 Wright, Philip <Philip.Wright at acs-inc.com>:
 > Also can all of your user's view your LDAP?  Or do you need a
login with
 > admin privileges to do so? If you need admin privileges to view
the ldap you
 > would need to replace:
 >
 >
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
 > xwiki.authentication.ldap.bind_pass={1}
 >
 > With:
 >
 >
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
 > ny,dc=intranet
 > xwiki.authentication.ldap.bind_pass=***AdminPassword***
 >
 >
 > Philip Wright
 >
 >
 >
 >
 > -----Original Message-----
 > From: users-bounces at xwiki.org [mailto:users-bounces at xwiki.org]
On Behalf Of
 > Zoltan Gyula Beck
 > Sent: Tuesday, July 15, 2008 2:28 PM
 > To: XWiki Users
 > Subject: Re: [xwiki-users] Active Directory 2.
 >
 > Thank you Philip, but how can I do it? Can you explain me
please. The
 > xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but
doesn't work
 > for me, if in login I write the balazs or beck "user
names".
 >
 >  Best Regards,
 > bzg
 >
 >
 > 2008/7/15 Wright, Philip <Philip.Wright at acs-inc.com>:
 >> I would suggest changing the ldap authentication to look at
your
 >> samaccountname's since they appear to not have any spaces,
periods or
 >> special characters which I have noticed break the
authentication.
 >>
 >>
 >>
 >>
 >> Philip Wright
 >>
 >> Reports Analyst
 >>
 >> ACS: BPS
 >> Affiliated Computer Services, Inc
 >>
 >>
 >>
 >> Affiliated Computer Services, Inc (ACS) Proprietary and
Confidential
 >> Information This document (or any part thereof) may not be
 >> disseminated outside of ACS in either electronic or
physical form
 >> without specific authorization of the office of the ACS
Chief
 >> Information Security Officer. The information included in
this
 >> document represents no commitment by ACS to any other
party. The
 >> policies and standards described do not consider any
country law or
 >> other directive outside of the United States.
 >>
 >> P Please consider the environment before printing this
email
 >>
 >>
 >> -----Original Message-----
 >> From: users-bounces at xwiki.org
[mailto:users-bounces at xwiki.org] On
 >> Behalf Of Zoltan Gyula Beck
 >> Sent: Tuesday, July 15, 2008 8:27 AM
 >> To: users at xwiki.org
 >> Subject: [xwiki-users] Active Directory 2.
 >>
 >> Hi Members!
 >>
 >>  I still have problems with xwiki and Active Directory
authentication.
 >> I upgraded to 1.5 RC1, but didn't helped.
 >>
 >>  This are my users ldif:
 >> dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
 >> displayName: Sztar Balazs
 >> givenName: Sztar
 >> sAMAccountType: 805306368
 >> primaryGroupID: 513
 >> objectClass: top
 >> objectClass: person
 >> objectClass: organizationalPerson
 >> objectClass: user
 >> badPasswordTime: 128606019171875000
 >> objectCategory:
 >> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
 >> cn: Sztar Balazs
 >> userAccountControl: 66048
 >> userPrincipalName: balazs at company.intranet
 >> codePage: 0
 >> distinguishedName: CN=Sztar
Balazs,OU=COMPANY,DC=company,DC=intranet
 >> whenChanged: 20080715132556.0Z
 >> whenCreated: 20080707142421.0Z
 >> pwdLastSet: 128606019568593750
 >> logonCount: 0
 >> accountExpires: 9223372036854775807
 >> lastLogoff: 0
 >> objectGUID:
^LB¯¡Úr]G<93>ç.;zöA
 >> sn: Balazs
 >> lastLogon: 128606019762343750
 >> uSNChanged: 16406
 >> uSNCreated: 13936
 >> objectSid:
^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iT^D^@^@
 >> countryCode: 0
 >> sAMAccountName: balazs
 >> instanceType: 4
 >> badPwdCount: 0
 >> name: Sztar Balazs
 >>
 >>
 >> dn: CN=Zoltán Beck, OU=COMPANY,
DC=company,DC=intranet
 >> displayName: Zoltán Beck
 >> givenName: Zoltán
 >> sAMAccountType: 805306368
 >> primaryGroupID: 513
 >> objectClass: top
 >> objectClass: person
 >> objectClass: organizationalPerson
 >> objectClass: user
 >> badPasswordTime: 0
 >> objectCategory:
 >> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
 >> cn: Zoltán Beck
 >> userAccountControl: 66048
 >> userPrincipalName: beck at company.intranet
 >> codePage: 0
 >> distinguishedName: CN=Zoltán
Beck,OU=COMPANY,DC=company,DC=intranet
 >> whenChanged: 20080715143431.0Z
 >> whenCreated: 20080715143431.0Z
 >> pwdLastSet: 128606060713750000
 >> logonCount: 0
 >> accountExpires: 9223372036854775807
 >> lastLogoff: 0
 >> objectGUID:
Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
 >> sn: Beck
 >> lastLogon: 0
 >> uSNChanged: 16425
 >> uSNCreated: 16419
 >> objectSid:
^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iU^D^@^@
 >> countryCode: 0
 >> sAMAccountName: beck
 >> instanceType: 4
 >> badPwdCount: 0
 >> name: Zoltán Beck
 >>
 >>
 >>  xwiki.cfg:
 >> xwiki.authentication.ldap=1
 >> xwiki.authentication.ldap.server=172.16.1.165
 >> xwiki.authentication.ldap.check_level=1
 >> xwiki.authentication.ldap.port=389
 >> xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
 >>
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
 >> anet xwiki.authentication.ldap.bind_pass={1}
 >> xwiki.authentication.ldap.UID_attr=sAMAccountName
 >>
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
 >> =sn,fi
rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
 >>
 >> So actually with Sztar Balazs user I an loging and user the
wiki, but
 >> with Zoltán Beck I got the following error:
 >> [15/Jul/2008:17:03:27] info (20106): CORE3282: stdout:
2008-07-15
 >> 17:03:27,844
 >>
[https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
 >> [service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl        -
LDAP Bind
 >> failed with Exception Invalid Credentials
 >>
 >> In the Active Directory Event Viever I can't see anything
about this
 >> failed login attempt!
 >>
 >> It is possible to login with sAMAccountName attribute or it
will be
 >> developed in the near future?
 >>
 >>  Best regards,
 >> bzg
 >> --
 >> Zoltan Gyula Beck
 >> Tel.: +36-70-328-9306
 >> E-Mail: beckzg at gmail.com
 >> _______________________________________________
 >> users mailing list
 >> users at xwiki.org
 >> http://lists.xwiki.org/mailman/listinfo/users
 >> _______________________________________________
 >> users mailing list
 >> users at xwiki.org
 >> http://lists.xwiki.org/mailman/listinfo/users
 >>
 >
 >
 >
 > --
 > Zoltan Gyula Beck
 > Tel.: +36-70-328-9306
 > E-Mail: beckzg at gmail.com
 > _______________________________________________
 > users mailing list
 > users at xwiki.org
 > http://lists.xwiki.org/mailman/listinfo/users
 > _______________________________________________
 > users mailing list
 > users at xwiki.org
 > http://lists.xwiki.org/mailman/listinfo/users
 >
 -- 
 Zoltan Gyula Beck
 Tel.: +36-70-328-9306
 E-Mail: beckzg at gmail.com
 _______________________________________________
 users mailing list
 users at xwiki.org
 http://lists.xwiki.org/mailman/listinfo/users
 Ar cieņu, Mihails

Links:
------
[1] mailto:beckzg at gmail.com

More information about the users mailing list