I have an OpenLDAP installation with the following simple configuration:
dc=snapteam,dc=org < root (top)
  cn=admin < admin login for access to LDAP, no anonymous access (organizationalRole, simpleSecurityObject)
  ou=groups < group of groups (organizationalUnit)
    cn=group1 < posixGroups with multiple 'memberUid' attributes with full user DNs
    cn=group2
    cn=admins
  ou=users < group of users (organizationalUnit)
    uid=snapadmin < user (inetOrgPerson, posixAccount) - userPassword fields with plaintext password (I'd like to change to sha or somesuch)
    uid=user1 < another user
Here are the settings in the xwiki.cfg:
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=127.0.0.1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.bind_DN=cn=admin,dc=snapteam,dc=org
xwiki.authentication.ldap.bind_pass=adminPassword
xwiki.authentication.ldap.ldap_user_search_fmt=(&({0}={1})(objectClass=posixAccount))
xwiki.authentication.ldap.user_group=ou=users,dc=snapteam,dc=org
xwiki.authentication.ldap.base_DN=dc=snapteam,dc=org
xwiki.authentication.ldap.group_classes=posixGroup
xwiki.authentication.ldap.group_memberfields=memberUid
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=admins,ou=groups,dc=snapteam,dc=org|\
XWiki.SnapGroup=cn=snap,ou=groups,dc=snapteam,dc=org|\
XWiki.AARGroup=cn=aar,ou=groups,dc=snapteam,dc=org|\
XWiki.AACUSGroup=cn=aacus,ou=groups,dc=snapteam,dc=org
xwiki.authentication.ldap.groupcache_expiration=21800
xwiki.authentication.ldap.mode_group_sync=always
xwiki.authentication.ldap.trylocal=1
Here is the log trace I'm getting when trying to log in as one of the users:
2011-04-09 21:35:19,522 DEBUG xwiki.XWiki - Using custom AuthClass com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.
2011-04-09 21:50:42,946 TRACE LDAP.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2011-04-09 21:50:42,946 DEBUG LDAP.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode.
2011-04-09 21:50:42,948 TRACE LDAP.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2011-04-09 21:50:42,967 DEBUG LDAP.XWikiLDAPAuthServiceImpl - Checking if the user belongs to the user group: ou=users,dc=snapteam,dc=org
2011-04-09 21:50:42,969 DEBUG LDAP.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed.
at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:339)
at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:190)
at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:137)
2011-04-09 21:50:42,970 DEBUG LDAP.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB
2011-04-09 21:50:42,974 DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [snapadmin]
Any help would be appreciated. Thanks!
Joel Schuster
joel.schuster(a)opsysinc.com
719-510-0181
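
On the plaintext userPassword values mentioned in the post: the sketch below is an added example, not part of the original message or of XWiki/OpenLDAP code. It builds and checks salted SHA-1 values in the {SSHA} format that OpenLDAP accepts in userPassword, and lists entries still stored in cleartext; the two DNs follow the tree in the post, while the passwords and helper names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, List, Optional


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(8)  # fresh random salt per password
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def scheme_of(stored: str) -> str:
    """Name the storage scheme; a value without a {SCHEME} prefix is cleartext."""
    if stored.startswith("{") and "}" in stored:
        return stored[1:stored.index("}")].upper()
    return "CLEARTEXT"


def verify(stored: str, candidate: str) -> bool:
    """Check a candidate password against a stored userPassword value."""
    scheme = scheme_of(stored)
    if scheme == "SSHA":
        raw = base64.b64decode(stored[len("{SSHA}"):])
        digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, rest is salt
        expected = hashlib.sha1(candidate.encode("utf-8") + salt).digest()
        return hmac.compare_digest(digest, expected)  # constant-time compare
    if scheme == "CLEARTEXT":
        return hmac.compare_digest(stored.encode("utf-8"), candidate.encode("utf-8"))
    raise ValueError("unsupported scheme: " + scheme)


def cleartext_entries(entries: Dict[str, str]) -> List[str]:
    """Return the DNs whose userPassword is still stored without a hash scheme."""
    return [dn for dn, pw in entries.items() if scheme_of(pw) == "CLEARTEXT"]


# Constructed sample data: DNs follow the post's tree, passwords are made up.
ENTRIES = {
    "uid=snapadmin,ou=users,dc=snapteam,dc=org": "constructed-plaintext",
    "uid=user1,ou=users,dc=snapteam,dc=org": make_ssha("constructed-secret"),
}

if __name__ == "__main__":
    print("cleartext:", cleartext_entries(ENTRIES))
```

With hashed values in the directory, a login that works by binding as the user is still checked by the LDAP server itself, so the client never needs the stored form.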