Is the
example AD configuration in the Wiki the right way to do things?
My understanding is that the bind_DN and bind_pass are for setting the
username and password XWiki will use to connect to the LDAP server in
order to do a search, then the UID_attr field is searched for the
username entered on the form.
If that is correct then the bind_dn and bind_pass should either be
hardcoded to a special AD user with restricted privileges, or left
blank to bind anonymously. (I see no mention of anonymous binding?)
For the first of these XWiki connects to AD ok but then seems to
'authenticate OK' whatever username/password I enter on the form even
if the user does not exist in AD at all. Is this a bug?
I can't seem to get anonymous binding to work - if I leave bind_dn and
bind_pass empty or comment out the entries entirely I always get the
'LDAP Bind failed with Exception Invalid Credentials' error message. My
LDAP server does allow anonymous binding - I've tested this in LDAP
Browser.
Cheers
Neil
--
You receive this message as a subscriber of the xwiki-users@objectweb.org mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws