22 Oct
2008
22 Oct
'08
6:32 p.m.
I can't seem to get my XWiki to recognize my AD usernames. Can anyone
take a look at my xwiki.cfg to see if I'm doing something wrong?
When I try to log into the xwiki, I get a "Wrong User name", and the
user i'm using is in the crbs-admin group, which I've mapped to the
XWiki.XWikiAdminGroup group.
Thanks,
Sam
#-# new LDAP authentication service^M
xwiki
.authentication
.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable^M
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)^M
xwiki.authentication.ldap.server=ldap.ad.xxxx.yyy
xwiki.authentication.ldap.port=636
#-# LDAP login, empty = anonymous access, otherwise specify full dn ^M
#-# {0} is replaced with the username, {1} with the password
#
xwiki
.authentication
.ldap
.bind_DN
=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP^M
xwiki.authentication.ldap.bind_DN={0}
xwiki.authentication.ldap.bind_pass={1}
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
^M
#-# only members of the following group will be verified in the LDAP^M
# otherwise only users that are found after searching starting from
the base_DN^M
#
xwiki
.authentication
.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US^M
^M
#-# base DN for searches^M
xwiki.authentication.ldap.base_DN=OU=CRBS,DC=AD,DC=XXXX,DC=YYY
^M
#-# Specifies the LDAP attribute containing the identifier to be used
as the XWiki name (default=cn)^M
xwiki.authentication.ldap.UID_attr=sAMAccountName
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# Specifies the LDAP attribute containing the password to be used
"when xwiki.authentication.ldap.validate_password" is set to 1
# xwiki.authentication.ldap.password_field=userPassword
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential LDAP groups classes. Separated by commas.
#
xwiki
.authentication
.ldap
.group_classes
=
group
,groupOfNames
,groupOfUniqueNames
,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential names of the LDAP groups fields containings the
members. Separated by commas.
# xwiki.authentication.ldap.group_memberfields=member,uniqueMember^M
^M
#-# retrieve the following fields from LDAP and store them in the
XWiki user object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object
for faster access^M
xwiki
.authentication
.ldap
.fields_mapping
=
name
=
sAMAccountName
,last_name
=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki
otherwise this happens only once when the XWiki account is created.^M
xwiki.authentication.ldap.update_user=1
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"^M
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=CN=crbs-
admin,OU=CRBS,DC=AD,DC=XXXX,DC=YYY|XWiki.XWiki.AllGroup=CN=crbs-
users,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
#
XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed
from LDAP (default=3600*6)^M
# xwiki.authentication.ldap.groupcache_expiration=21800^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]^M
#-# - create : synchronize group membership only when the user is
first created
#-# - always: synchronize on every login^M
# xwiki.authentication.ldap.mode_group_sync=always^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB
authentication with the same credentials^M
xwiki.authentication.ldap.trylocal=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0: normal
#-# 1: SSL
# xwiki.authentication.ldap.ssl=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
# xwiki.authentication.ldap.ssl.keystore=
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The java secure provider used in SSL connection
#
xwiki
.authentication
.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
22 Oct
22 Oct
6:44 p.m.
Hi,
On Wed, Oct 22, 2008 at 6:32 PM, Samuel Lee <samlee(a)ncmir.ucsd.edu> wrote:
I can't seem to get my XWiki to recognize my AD
usernames. Can anyone
take a look at my xwiki.cfg to see if I'm doing something wrong?
When I try to log into the xwiki, I get a "Wrong User name", and the
user i'm using is in the crbs-admin group, which I've mapped to the
XWiki.XWikiAdminGroup group.
Thanks,
Sam
#-# new LDAP authentication service^M
xwiki
.authentication
.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable^M
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)^M
xwiki.authentication.ldap.server=ldap.ad.xxxx.yyy
xwiki.authentication.ldap.port=636
#-# LDAP login, empty = anonymous access, otherwise specify full dn ^M
#-# {0} is replaced with the username, {1} with the password
#
xwiki
.authentication
.ldap
.bind_DN
=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP^M
xwiki.authentication.ldap.bind_DN={0}
This means that the login entered by use will be used to authenticate
against LDAP/AD server. But enter an uid and not the complete DN.
You should look at
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPCon…
xwiki.authentication.ldap.bind_pass={1}
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
^M
#-# only members of the following group will be verified in the LDAP^M
# otherwise only users that are found after searching starting from
the base_DN^M
#
xwiki
.authentication
.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US^M
^M
#-# base DN for searches^M
xwiki.authentication.ldap.base_DN=OU=CRBS,DC=AD,DC=XXXX,DC=YYY
^M
#-# Specifies the LDAP attribute containing the identifier to be used
as the XWiki name (default=cn)^M
xwiki.authentication.ldap.UID_attr=sAMAccountName
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# Specifies the LDAP attribute containing the password to be used
"when xwiki.authentication.ldap.validate_password" is set to 1
# xwiki.authentication.ldap.password_field=userPassword
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential LDAP groups classes. Separated by commas.
#
xwiki
.authentication
.ldap
.group_classes
=
group
,groupOfNames
,groupOfUniqueNames
,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential names of the LDAP groups fields containings the
members. Separated by commas.
# xwiki.authentication.ldap.group_memberfields=member,uniqueMember^M
^M
#-# retrieve the following fields from LDAP and store them in the
XWiki user object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object
for faster access^M
xwiki
.authentication
.ldap
.fields_mapping
=
name
=
sAMAccountName
,last_name
=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki
otherwise this happens only once when the XWiki account is created.^M
xwiki.authentication.ldap.update_user=1
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"^M
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=CN=crbs-
admin,OU=CRBS,DC=AD,DC=XXXX,DC=YYY|XWiki.XWiki.AllGroup=CN=crbs-
users,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
#
XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed
from LDAP (default=3600*6)^M
# xwiki.authentication.ldap.groupcache_expiration=21800^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]^M
#-# - create : synchronize group membership only when the user is
first created
#-# - always: synchronize on every login^M
# xwiki.authentication.ldap.mode_group_sync=always^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB
authentication with the same credentials^M
xwiki.authentication.ldap.trylocal=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0: normal
#-# 1: SSL
# xwiki.authentication.ldap.ssl=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
# xwiki.authentication.ldap.ssl.keystore=
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The java secure provider used in SSL connection
#
xwiki
.authentication
.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
7:22 p.m.
Hm,
I'm still getting nothing. Where are the logs for ldap related issues
held?
Sam
On Oct 22, 2008, at 9:44 AM, Thomas Mortagne wrote:
Hi,
On Wed, Oct 22, 2008 at 6:32 PM, Samuel Lee <samlee(a)ncmir.ucsd.edu>
wrote:
I can't seem to get my XWiki to recognize my
AD usernames. Can
anyone
take a look at my xwiki.cfg to see if I'm doing something wrong?
When I try to log into the xwiki, I get a "Wrong User name", and the
user i'm using is in the crbs-admin group, which I've mapped to the
XWiki.XWikiAdminGroup group.
Thanks,
Sam
#-# new LDAP authentication service^M
xwiki
.authentication
.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable^M
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)^M
xwiki.authentication.ldap.server=ldap.ad.xxxx.yyy
xwiki.authentication.ldap.port=636
#-# LDAP login, empty = anonymous access, otherwise specify full dn
^M
#-# {0} is replaced with the username, {1} with the password
#
xwiki
.authentication
.ldap
.bind_DN
=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP^M
xwiki.authentication.ldap.bind_DN={0}
This means that the login entered by use will be used to authenticate
against LDAP/AD server. But enter an uid and not the complete DN.
You should look at
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPCon…
xwiki.authentication.ldap.bind_pass={1}
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
^M
#-# only members of the following group will be verified in the
LDAP^M
# otherwise only users that are found after searching starting from
the base_DN^M
#
xwiki
.authentication
.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US^M
^M
#-# base DN for searches^M
xwiki.authentication.ldap.base_DN=OU=CRBS,DC=AD,DC=XXXX,DC=YYY
^M
#-# Specifies the LDAP attribute containing the identifier to be used
as the XWiki name (default=cn)^M
xwiki.authentication.ldap.UID_attr=sAMAccountName
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# Specifies the LDAP attribute containing the password to be used
"when xwiki.authentication.ldap.validate_password" is set to 1
# xwiki.authentication.ldap.password_field=userPassword
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential LDAP groups classes. Separated by commas.
#
xwiki
.authentication
.ldap
.group_classes
=
group
,groupOfNames
,groupOfUniqueNames
,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential names of the LDAP groups fields containings the
members. Separated by commas.
# xwiki.authentication.ldap.group_memberfields=member,uniqueMember^M
^M
#-# retrieve the following fields from LDAP and store them in the
XWiki user object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object
for faster access^M
xwiki
.authentication
.ldap
.fields_mapping
=
name
=
sAMAccountName
,last_name
=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki
otherwise this happens only once when the XWiki account is created.^M
xwiki.authentication.ldap.update_user=1
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"^M
xwiki
.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=CN=crbs-
admin,OU=CRBS,DC=AD,DC=XXXX,DC=YYY|XWiki.XWiki.AllGroup=CN=crbs-
users,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
#
XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed
from LDAP (default=3600*6)^M
# xwiki.authentication.ldap.groupcache_expiration=21800^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]^M
#-# - create : synchronize group membership only when the user is
first created
#-# - always: synchronize on every login^M
# xwiki.authentication.ldap.mode_group_sync=always^M
^M
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB
authentication with the same credentials^M
xwiki.authentication.ldap.trylocal=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0: normal
#-# 1: SSL
# xwiki.authentication.ldap.ssl=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
# xwiki.authentication.ldap.ssl.keystore=
#-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The java secure provider used in SSL connection
#
xwiki
.authentication
.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
23 Oct
23 Oct
12:08 a.m.
Ok, so, I'm still getting nothing. I've been running a netstat, and I
can see the xwiki trying to hit our ldap server on port 389. I've
turned on debug logging, including ldap logging, but I'm getting no
ldap messages. I'm seeing xwikiLogin attempts in the logs. Oh, and I
don't know if this matters, but I'm using the XWiki Enterprise Manager
1.3.12583.
Using the LDAP browser, I can see my ldap structure:
host: ldap.ad.xxxx.yyy
port: 389
Base DN: OU=CRBS,DC=AD,DC=XXXX, DC=YYY
(No SSL, No Anonymous bind - requires login/pass to do queries)
User DN: crbsldap (no append base DN)
password: *********
Take a look at my configuration, and see if there's something wrong:
xwiki
.authentication
.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# XWiki LDAP authentication logging
log4j.logger.com.xpn.xwiki.plugin.ldap=debug
log4j.logger.com.xpn.xwiki.user.impl.LDAP=debug
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable^M
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)^M
xwiki.authentication.ldap.server=ldap.ad.xxxx.yyy
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn ^M
#-# {0} is replaced with the username, {1} with the password
#
xwiki
.authentication
.ldap
.bind_DN
=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP^M
#####xwiki
.authentication
.ldap.bind_DN=cn=crbsldap,OU=USERS,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
# For xwiki.authentication.ldap.bind_DN=, I've tried crbsldap |
cn=crbsldap | ad\crbsldap | ad\\crbsldap |
cn=crbsldap,OU=USERS,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
xwiki.authentication.ldap.bind_DN=crbsldap
xwiki.authentication.ldap.bind_pass=********
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=1
^M
#-# only members of the following group will be verified in the LDAP^M
# otherwise only users that are found after searching starting from
the base_DN^M
#
xwiki
.authentication
.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US^M
^M
#-# base DN for searches^M
xwiki.authentication.ldap.base_DN=OU=CRBS,DC=AD,DC=XXXX,DC=YYY
^M
#-# Specifies the LDAP attribute containing the identifier to be used
as the XWiki name (default=cn)^M
xwiki.authentication.ldap.UID_attr=sAMAccountName
8:30 a.m.
You have to use current username and password:
xwiki.authentication.ldap.bind_DN=yourdomain\{0}
xwiki.authentication.ldap.bind_pass={1}
not like you did:
xwiki.authentication.ldap.bind_DN=crbsldap
xwiki.authentication.ldap.bind_pass=********
Quoting Samuel Lee : Ok, so, I'm still getting nothing. I've been
running a netstat, and I
can see the xwiki trying to hit our ldap server on port 389. I've
turned on debug logging, including ldap logging, but I'm getting no
ldap messages. I'm seeing xwikiLogin attempts in the logs. Oh, and
I
don't know if this matters, but I'm using the XWiki Enterprise
Manager
1.3.12583.
Using the LDAP browser, I can see my ldap structure:
host: ldap.ad.xxxx.yyy
port: 389
Base DN: OU=CRBS,DC=AD,DC=XXXX, DC=YYY
(No SSL, No Anonymous bind - requires login/pass to do queries)
User DN: crbsldap (no append base DN)
password: *********
Take a look at my configuration, and see if there's something
wrong:
xwiki
.authentication
.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# XWiki LDAP authentication logging
log4j.logger.com.xpn.xwiki.plugin.ldap=debug
log4j.logger.com.xpn.xwiki.user.impl.LDAP=debug
#-# Turn LDAP authentication on - otherwise only XWiki
authentication
#-# 0: disable
#-# 1: enable^M
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)^M
xwiki.authentication.ldap.server=ldap.ad.xxxx.yyy
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn
^M
#-# {0} is replaced with the username, {1} with the password
#
xwiki
.authentication
.ldap
.bind_DN
=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP^M
#####xwiki
.authentication
.ldap.bind_DN=cn=crbsldap,OU=USERS,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
# For xwiki.authentication.ldap.bind_DN=, I've tried crbsldap |
cn=crbsldap | adcrbsldap | ad\crbsldap |
cn=crbsldap,OU=USERS,OU=CRBS,DC=AD,DC=XXXX,DC=YYY
xwiki.authentication.ldap.bind_DN=crbsldap
xwiki.authentication.ldap.bind_pass=********
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=1
^M
#-# only members of the following group will be verified in the
LDAP^M
# otherwise only users that are found after searching starting from
the base_DN^M
#
xwiki
.authentication
.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US^M
^M
#-# base DN for searches^M
xwiki.authentication.ldap.base_DN=OU=CRBS,DC=AD,DC=XXXX,DC=YYY
^M
#-# Specifies the LDAP attribute containing the identifier to be
used
as the XWiki name (default=cn)^M
xwiki.authentication.ldap.UID_attr=sAMAccountName
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Ar cieņu, Mihails
Links:
------
[1] mailto:samlee@ncmir.ucsd.edu
24 Oct
24 Oct
8:48 p.m.
Here's what I have for my LDAP bind configuration:
xwiki.authentication.ldap.bind_DN=AD\{0}
xwiki.authentication.ldap.bind_pass={1}
My debug logs show:
11:45:40,862 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG ldap.XWikiLDAPConnection -
Connection to LDAP server [ldap.ad.xxxx.yyy:389]
11:45:40,870 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG ldap.XWikiLDAPConnection -
Binding to LDAP server with credentials login=[ADusername]
password=[******]
11:45:40,871 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG LDAP.XWikiLDAPAuthServiceImpl -
Global LDAP authentication failed.
It's showing the login as ADusername instead of AD\username
I've tried this configuration with AD\\{0} or just {0}.
Any ideas?
Sam
On Oct 22, 2008, at 11:30 PM, Mihails Agafonovs wrote:
You have to use current username and password:
xwiki.authentication.ldap.bind_DN=yourdomain\{0}
xwiki.authentication.ldap.bind_pass={1}
not like you did:
xwiki.authentication.ldap.bind_DN=crbsldap
xwiki.authentication.ldap.bind_pass=********
8:55 p.m.
Never mind, I found the one posting with the correct syntax....
requires:
xwiki.authentication.ldap.bind_DN=AD\\{0}
On Oct 24, 2008, at 11:48 AM, Samuel Lee wrote:
Here's what I have for my LDAP bind configuration:
xwiki.authentication.ldap.bind_DN=AD\{0}
xwiki.authentication.ldap.bind_pass={1}
My debug logs show:
11:45:40,862 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG ldap.XWikiLDAPConnection -
Connection to LDAP server [ldap.ad.xxxx.yyy:389]
11:45:40,870 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG ldap.XWikiLDAPConnection -
Binding to LDAP server with credentials login=[ADusername]
password=[******]
11:45:40,871 [http://xxxx.localdomain.com:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin
] [http-8080-Processor25] DEBUG LDAP.XWikiLDAPAuthServiceImpl -
Global LDAP authentication failed.
It's showing the login as ADusername instead of AD\username
I've tried this configuration with AD\\{0} or just {0}.
Any ideas?
Sam
On Oct 22, 2008, at 11:30 PM, Mihails Agafonovs wrote:
You have to use current username and password:
xwiki.authentication.ldap.bind_DN=yourdomain\{0}
xwiki.authentication.ldap.bind_pass={1}
not like you did:
xwiki.authentication.ldap.bind_DN=crbsldap
xwiki.authentication.ldap.bind_pass=********
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
6219
days inactive
6221
days old
6 comments
3 participants
participants (3)
-
Mihails Agafonovs -
Samuel Lee -
Thomas Mortagne