20 Jun
2012
20 Jun
'12
11:49 a.m.
On Wed, Jun 20, 2012 at 10:06 AM, Mark Jas <mark(a)nieuwenborg.nl> wrote:
Hello,
I’m using Xwiki enterprise 4.1 with LDAP authentication to an Active Directory server.
Authentication works fine, but my group mappings don’t work.
I think the problem is that I’m using sAMAccountName as UID_attr, but the memberfields of
my groups contain the full ldap-dn of the user. So this way, they do not match and users
are not seen as members in the group.
Is my assumption correct? And is there a solution for this problem?
No, both full LDAP DN and uid are supported. It's actually better to
have DN since otherwise XWiki has to search the uid to find the actual
member DN which takes a bit more time.
Do you have the right field name listed in
xwiki.authentication.ldap.group_memberfields ? You should enable LDAP
debug log to get details on what's happening during the group sync.
See
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableL….
(I have an other site with an OpenLDAP server which has normal uid’s in the group
memberfields. This one works fine!)
Regards,
Mark
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne