[xwiki-users] LDAP Multiple Domains - Workaround

Found out a nice "workaround" (which isn't a real one of course..) For all who experience the same problem: Create a AD-group that contains all users that have to log into your XWiki. The users can be located in different subdomains / servers. Then set the xwiki.authentication.ldap.user_group parameter to that group (you have to use the full qualified name to the group, not only the group's name). XWiki will search in the member-Fields of that group. If the user is found as a member, XWiki seems to try a binding with that user, which should work, because the member field contains the full qualified name of that user (inclusive subdomain). Take care of the xwiki.authentication.ldap.UID_attr parameter, because most likely you'll have it set to "sAMAccountName". However, it can be that in the group-membership fields the user is represented by "cn", so you may have to use the "cn" for the UID_attr and login with the cn instead of the sAMAccountName. (Shall I put this "guide" somewhere onto the xwiki homepage? Where would be the best place...) Steve -- View this message in context: http://n2.nabble.com/LDAP-Multiple-Domains-tp510482p580443.html Sent from the XWiki- Users mailing list archive at Nabble.com.