16 Jul
2008
16 Jul
'08
12:23 a.m.
Also can all of your user's view your LDAP? Or do you need a login with
admin privileges to do so? If you need admin privileges to view the ldap you
would need to replace:
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
xwiki.authentication.ldap.bind_pass={1}
With:
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
ny,dc=intranet
xwiki.authentication.ldap.bind_pass=***AdminPassword***
Philip Wright
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On Behalf Of
Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 2:28 PM
To: XWiki Users
Subject: Re: [xwiki-users] Active Directory 2.
Thank you Philip, but how can I do it? Can you explain me please. The
xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but doesn't work
for me, if in login I write the balazs or beck "user names".
Best Regards,
bzg
2008/7/15 Wright, Philip <Philip.Wright(a)acs-inc.com>om>:
I would suggest changing the ldap authentication to
look at your
samaccountname's since they appear to not have any spaces, periods or
special characters which I have noticed break the authentication.
Philip Wright
Reports Analyst
ACS: BPS
Affiliated Computer Services, Inc
Affiliated Computer Services, Inc (ACS) Proprietary and Confidential
Information This document (or any part thereof) may not be
disseminated outside of ACS in either electronic or physical form
without specific authorization of the office of the ACS Chief
Information Security Officer. The information included in this
document represents no commitment by ACS to any other party. The
policies and standards described do not consider any country law or
other directive outside of the United States.
P Please consider the environment before printing this email
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
Behalf Of Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 8:27 AM
To: users(a)xwiki.org
Subject: [xwiki-users] Active Directory 2.
Hi Members!
I still have problems with xwiki and Active Directory authentication.
I upgraded to 1.5 RC1, but didn't helped.
This are my users ldif:
dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
displayName: Sztar Balazs
givenName: Sztar
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 128606019171875000
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Sztar Balazs
userAccountControl: 66048
userPrincipalName: balazs(a)company.intranet
codePage: 0
distinguishedName: CN=Sztar Balazs,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715132556.0Z
whenCreated: 20080707142421.0Z
pwdLastSet: 128606019568593750
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: ^LB¯¡Úr]G<93>ç.;\zöA
sn: Balazs
lastLogon: 128606019762343750
uSNChanged: 16406
uSNCreated: 13936
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iT^D^@^@
countryCode: 0
sAMAccountName: balazs
instanceType: 4
badPwdCount: 0
name: Sztar Balazs
dn: CN=Zoltán Beck, OU=COMPANY, DC=company,DC=intranet
displayName: Zoltán Beck
givenName: Zoltán
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 0
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Zoltán Beck
userAccountControl: 66048
userPrincipalName: beck(a)company.intranet
codePage: 0
distinguishedName: CN=Zoltán Beck,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715143431.0Z
whenCreated: 20080715143431.0Z
pwdLastSet: 128606060713750000
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
sn: Beck
lastLogon: 0
uSNChanged: 16425
uSNCreated: 16419
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iU^D^@^@
countryCode: 0
sAMAccountName: beck
instanceType: 4
badPwdCount: 0
name: Zoltán Beck
xwiki.cfg:
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=172.16.1.165
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
anet xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
=sn,fi rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
So actually with Sztar Balazs user I an loging and user the wiki, but
with Zoltán Beck I got the following error:
[15/Jul/2008:17:03:27] info (20106): CORE3282: stdout: 2008-07-15
17:03:27,844
[https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
[service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind
failed with Exception Invalid Credentials
In the Active Directory Event Viever I can't see anything about this
failed login attempt!
It is possible to login with sAMAccountName attribute or it will be
developed in the near future?
Best regards,
bzg
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
16 Jul
16 Jul
6:18 a.m.
New subject: [xwiki-users] Active Directory 2.
Try checking to see if you need to be using a subdomain on your binddn.
My company uses a subdomain for logging in:
Example, for windows login, we enter our username and password and where to
login (either to the network or to the local machine). IF THIS IS THE CASE,
then an admin username and admin password will most likely NOT be required.
If you are logging into a subdomain, try changing the bind_DN=***\\{0} and
bind_pass={1}, where *** is the subdomain you log into. As far as I know
the double \'s are needed.
Eric
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On Behalf Of
Wright, Philip
Sent: Tuesday, July 15, 2008 6:24 PM
To: XWiki Users
Subject: Re: [xwiki-users] Active Directory 2.
Also can all of your user's view your LDAP? Or do you need a login with
admin privileges to do so? If you need admin privileges to view the ldap you
would need to replace:
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
xwiki.authentication.ldap.bind_pass={1}
With:
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
ny,dc=intranet
xwiki.authentication.ldap.bind_pass=***AdminPassword***
Philip Wright
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On Behalf Of
Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 2:28 PM
To: XWiki Users
Subject: Re: [xwiki-users] Active Directory 2.
Thank you Philip, but how can I do it? Can you explain me please. The
xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but doesn't work
for me, if in login I write the balazs or beck "user names".
Best Regards,
bzg
2008/7/15 Wright, Philip <Philip.Wright(a)acs-inc.com>om>:
I would suggest changing the ldap authentication to
look at your
samaccountname's since they appear to not have any spaces, periods or
special characters which I have noticed break the authentication.
Philip Wright
Reports Analyst
ACS: BPS
Affiliated Computer Services, Inc
Affiliated Computer Services, Inc (ACS) Proprietary and Confidential
Information This document (or any part thereof) may not be
disseminated outside of ACS in either electronic or physical form
without specific authorization of the office of the ACS Chief
Information Security Officer. The information included in this
document represents no commitment by ACS to any other party. The
policies and standards described do not consider any country law or
other directive outside of the United States.
P Please consider the environment before printing this email
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
Behalf Of Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 8:27 AM
To: users(a)xwiki.org
Subject: [xwiki-users] Active Directory 2.
Hi Members!
I still have problems with xwiki and Active Directory authentication.
I upgraded to 1.5 RC1, but didn't helped.
This are my users ldif:
dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
displayName: Sztar Balazs
givenName: Sztar
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 128606019171875000
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Sztar Balazs
userAccountControl: 66048
userPrincipalName: balazs(a)company.intranet
codePage: 0
distinguishedName: CN=Sztar Balazs,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715132556.0Z
whenCreated: 20080707142421.0Z
pwdLastSet: 128606019568593750
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: ^LB¯¡Úr]G<93>ç.;\zöA
sn: Balazs
lastLogon: 128606019762343750
uSNChanged: 16406
uSNCreated: 13936
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iT^D^@^@
countryCode: 0
sAMAccountName: balazs
instanceType: 4
badPwdCount: 0
name: Sztar Balazs
dn: CN=Zoltán Beck, OU=COMPANY, DC=company,DC=intranet
displayName: Zoltán Beck
givenName: Zoltán
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 0
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Zoltán Beck
userAccountControl: 66048
userPrincipalName: beck(a)company.intranet
codePage: 0
distinguishedName: CN=Zoltán Beck,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715143431.0Z
whenCreated: 20080715143431.0Z
pwdLastSet: 128606060713750000
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
sn: Beck
lastLogon: 0
uSNChanged: 16425
uSNCreated: 16419
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iU^D^@^@
countryCode: 0
sAMAccountName: beck
instanceType: 4
badPwdCount: 0
name: Zoltán Beck
xwiki.cfg:
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=172.16.1.165
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
anet xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
=sn,fi rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
So actually with Sztar Balazs user I an loging and user the wiki, but
with Zoltán Beck I got the following error:
[15/Jul/2008:17:03:27] info (20106): CORE3282: stdout: 2008-07-15
17:03:27,844
[https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
[service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind
failed with Exception Invalid Credentials
In the Active Directory Event Viever I can't see anything about this
failed login attempt!
It is possible to login with sAMAccountName attribute or it will be
developed in the near future?
Best regards,
bzg
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
17 Jul
17 Jul
9:13 a.m.
New subject: [xwiki-users] Active Directory 2.
Hi Philip!
Yes, all of my users can see the ldap tree, I tried with ldapbrowser.
Any other ideas?
bzg
2008/7/16 Wright, Philip <Philip.Wright(a)acs-inc.com>om>:
Also can all of your user's view your LDAP? Or do
you need a login with
admin privileges to do so? If you need admin privileges to view the ldap you
would need to replace:
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
xwiki.authentication.ldap.bind_pass={1}
With:
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
ny,dc=intranet
xwiki.authentication.ldap.bind_pass=***AdminPassword***
Philip Wright
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On Behalf Of
Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 2:28 PM
To: XWiki Users
Subject: Re: [xwiki-users] Active Directory 2.
Thank you Philip, but how can I do it? Can you explain me please. The
xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but doesn't work
for me, if in login I write the balazs or beck "user names".
Best Regards,
bzg
2008/7/15 Wright, Philip <Philip.Wright(a)acs-inc.com>om>:
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
I would suggest changing the ldap authentication
to look at your
samaccountname's since they appear to not have any spaces, periods or
special characters which I have noticed break the authentication.
Philip Wright
Reports Analyst
ACS: BPS
Affiliated Computer Services, Inc
Affiliated Computer Services, Inc (ACS) Proprietary and Confidential
Information This document (or any part thereof) may not be
disseminated outside of ACS in either electronic or physical form
without specific authorization of the office of the ACS Chief
Information Security Officer. The information included in this
document represents no commitment by ACS to any other party. The
policies and standards described do not consider any country law or
other directive outside of the United States.
P Please consider the environment before printing this email
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
Behalf Of Zoltan Gyula Beck
Sent: Tuesday, July 15, 2008 8:27 AM
To: users(a)xwiki.org
Subject: [xwiki-users] Active Directory 2.
Hi Members!
I still have problems with xwiki and Active Directory authentication.
I upgraded to 1.5 RC1, but didn't helped.
This are my users ldif:
dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
displayName: Sztar Balazs
givenName: Sztar
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 128606019171875000
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Sztar Balazs
userAccountControl: 66048
userPrincipalName: balazs(a)company.intranet
codePage: 0
distinguishedName: CN=Sztar Balazs,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715132556.0Z
whenCreated: 20080707142421.0Z
pwdLastSet: 128606019568593750
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: ^LB¯¡Úr]G<93>ç.;\zöA
sn: Balazs
lastLogon: 128606019762343750
uSNChanged: 16406
uSNCreated: 13936
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iT^D^@^@
countryCode: 0
sAMAccountName: balazs
instanceType: 4
badPwdCount: 0
name: Sztar Balazs
dn: CN=Zoltán Beck, OU=COMPANY, DC=company,DC=intranet
displayName: Zoltán Beck
givenName: Zoltán
sAMAccountType: 805306368
primaryGroupID: 513
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
badPasswordTime: 0
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
cn: Zoltán Beck
userAccountControl: 66048
userPrincipalName: beck(a)company.intranet
codePage: 0
distinguishedName: CN=Zoltán Beck,OU=COMPANY,DC=company,DC=intranet
whenChanged: 20080715143431.0Z
whenCreated: 20080715143431.0Z
pwdLastSet: 128606060713750000
logonCount: 0
accountExpires: 9223372036854775807
lastLogoff: 0
objectGUID: Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
sn: Beck
lastLogon: 0
uSNChanged: 16425
uSNCreated: 16419
objectSid: ^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iU^D^@^@
countryCode: 0
sAMAccountName: beck
instanceType: 4
badPwdCount: 0
name: Zoltán Beck
xwiki.cfg:
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=172.16.1.165
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
anet xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
=sn,fi rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
So actually with Sztar Balazs user I an loging and user the wiki, but
with Zoltán Beck I got the following error:
[15/Jul/2008:17:03:27] info (20106): CORE3282: stdout: 2008-07-15
17:03:27,844
[https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
[service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind
failed with Exception Invalid Credentials
In the Active Directory Event Viever I can't see anything about this
failed login attempt!
It is possible to login with sAMAccountName attribute or it will be
developed in the near future?
Best regards,
bzg
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
9:49 a.m.
New subject: [xwiki-users] Active Directory 2.
I do have successfully configured authentication to AD. You can try
the following configuration:
xwiki.authentication.ldap.bind_DN={0}
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=cn
xwiki.authentication.ldap.bind_DN=anyusername.surname(a)domain.com
xwiki.authentication.ldap.bind_pass=anyusername.surname's password
Then, your users'll have to login using name.surname as a username,
since the authentication using sAMAccountName is yet implemented(?).
Quoting Zoltan Gyula Beck : Hi Philip!
Yes, all of my users can see the ldap tree, I tried with
ldapbrowser.
Any other ideas?
bzg
2008/7/16 Wright, Philip &lt;Philip.Wright(a)acs-inc.com&gt;nc.com>:
> Also can all of your user's view your LDAP? Or do you need a
login with
> admin privileges to do so? If you need admin privileges to view
the ldap you
> would need to replace:
>
>
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intranet
> xwiki.authentication.ldap.bind_pass={1}
>
> With:
>
>
xwiki.authentication.ldap.bind_DN=cn=***AdminUsername***,ou=COMPANY,dc=compa
> ny,dc=intranet
> xwiki.authentication.ldap.bind_pass=***AdminPassword***
>
>
> Philip Wright
>
>
>
>
> -----Original Message-----
> From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org]
On Behalf Of
> Zoltan Gyula Beck
> Sent: Tuesday, July 15, 2008 2:28 PM
> To: XWiki Users
> Subject: Re: [xwiki-users] Active Directory 2.
>
> Thank you Philip, but how can I do it? Can you explain me
please. The
> xwiki.authentication.ldap.UID_attr=sAMAccountName is set, but
doesn't work
> for me, if in login I write the balazs or beck "user
names".
>
> Best Regards,
> bzg
>
>
> 2008/7/15 Wright, Philip &lt;Philip.Wright(a)acs-inc.com&gt;nc.com>:
>> I would suggest changing the ldap authentication to look at
your
>> samaccountname's since they appear to not have any spaces,
periods or
>> special characters which I have noticed break the
authentication.
>>
>>
>>
>>
>> Philip Wright
>>
>> Reports Analyst
>>
>> ACS: BPS
>> Affiliated Computer Services, Inc
>>
>>
>>
>> Affiliated Computer Services, Inc (ACS) Proprietary and
Confidential
>> Information This document (or any part thereof) may not be
>> disseminated outside of ACS in either electronic or
physical form
>> without specific authorization of the office of the ACS
Chief
>> Information Security Officer. The information included in
this
>> document represents no commitment by ACS to any other
party. The
>> policies and standards described do not consider any
country law or
>> other directive outside of the United States.
>>
>> P Please consider the environment before printing this
email
>>
>>
>> -----Original Message-----
>> From: users-bounces(a)xwiki.org
[mailto:users-bounces@xwiki.org] On
>> Behalf Of Zoltan Gyula Beck
>> Sent: Tuesday, July 15, 2008 8:27 AM
>> To: users(a)xwiki.org
>> Subject: [xwiki-users] Active Directory 2.
>>
>> Hi Members!
>>
>> I still have problems with xwiki and Active Directory
authentication.
>> I upgraded to 1.5 RC1, but didn't helped.
>>
>> This are my users ldif:
>> dn: CN=Sztar Balazs, OU=COMPANY, DC=company,DC=intranet
>> displayName: Sztar Balazs
>> givenName: Sztar
>> sAMAccountType: 805306368
>> primaryGroupID: 513
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> badPasswordTime: 128606019171875000
>> objectCategory:
>> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
>> cn: Sztar Balazs
>> userAccountControl: 66048
>> userPrincipalName: balazs(a)company.intranet
>> codePage: 0
>> distinguishedName: CN=Sztar
Balazs,OU=COMPANY,DC=company,DC=intranet
>> whenChanged: 20080715132556.0Z
>> whenCreated: 20080707142421.0Z
>> pwdLastSet: 128606019568593750
>> logonCount: 0
>> accountExpires: 9223372036854775807
>> lastLogoff: 0
>> objectGUID:
^LB¯¡Úr]G<93>ç.;zöA
>> sn: Balazs
>> lastLogon: 128606019762343750
>> uSNChanged: 16406
>> uSNCreated: 13936
>> objectSid:
^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iT^D^@^@
>> countryCode: 0
>> sAMAccountName: balazs
>> instanceType: 4
>> badPwdCount: 0
>> name: Sztar Balazs
>>
>>
>> dn: CN=Zoltán Beck, OU=COMPANY,
DC=company,DC=intranet
>> displayName: Zoltán Beck
>> givenName: Zoltán
>> sAMAccountType: 805306368
>> primaryGroupID: 513
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> badPasswordTime: 0
>> objectCategory:
>> CN=Person,CN=Schema,CN=Configuration,DC=company,DC=intranet
>> cn: Zoltán Beck
>> userAccountControl: 66048
>> userPrincipalName: beck(a)company.intranet
>> codePage: 0
>> distinguishedName: CN=Zoltán
Beck,OU=COMPANY,DC=company,DC=intranet
>> whenChanged: 20080715143431.0Z
>> whenCreated: 20080715143431.0Z
>> pwdLastSet: 128606060713750000
>> logonCount: 0
>> accountExpires: 9223372036854775807
>> lastLogoff: 0
>> objectGUID:
Ì~õÜPuýC<93><8f>)¾¨<8b>^WÃ
>> sn: Beck
>> lastLogon: 0
>> uSNChanged: 16425
>> uSNCreated: 16419
>> objectSid:
^A^E^@^@^@^@^@^E^U^@^@^@Ú¤uÊ^?<99><94>ãÜ»¼iU^D^@^@
>> countryCode: 0
>> sAMAccountName: beck
>> instanceType: 4
>> badPwdCount: 0
>> name: Zoltán Beck
>>
>>
>> xwiki.cfg:
>> xwiki.authentication.ldap=1
>> xwiki.authentication.ldap.server=172.16.1.165
>> xwiki.authentication.ldap.check_level=1
>> xwiki.authentication.ldap.port=389
>> xwiki.authentication.ldap.base_DN=dc=company,dc=intranet
>>
xwiki.authentication.ldap.bind_DN=cn={0},ou=COMPANY,dc=company,dc=intr
>> anet xwiki.authentication.ldap.bind_pass={1}
>> xwiki.authentication.ldap.UID_attr=sAMAccountName
>>
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name
>> =sn,fi
rst_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
>>
>> So actually with Sztar Balazs user I an loging and user the
wiki, but
>> with Zoltán Beck I got the following error:
>> [15/Jul/2008:17:03:27] info (20106): CORE3282: stdout:
2008-07-15
>> 17:03:27,844
>>
[https://unixdba.sysman.hu/xwiki/bin/loginsubmit/XWiki/XWikiLogin]
>> [service-j2ee-8] ERROR LDAP.LDAPAuthServiceImpl -
LDAP Bind
>> failed with Exception Invalid Credentials
>>
>> In the Active Directory Event Viever I can't see anything
about this
>> failed login attempt!
>>
>> It is possible to login with sAMAccountName attribute or it
will be
>> developed in the near future?
>>
>> Best regards,
>> bzg
>> --
>> Zoltan Gyula Beck
>> Tel.: +36-70-328-9306
>> E-Mail: beckzg(a)gmail.com
>> _______________________________________________
>> users mailing list
>> users(a)xwiki.org
>> http://lists.xwiki.org/mailman/listinfo/users
>> _______________________________________________
>> users mailing list
>> users(a)xwiki.org
>> http://lists.xwiki.org/mailman/listinfo/users
>>
>
>
>
> --
> Zoltan Gyula Beck
> Tel.: +36-70-328-9306
> E-Mail: beckzg(a)gmail.com
> _______________________________________________
> users mailing list
> users(a)xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users(a)xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Zoltan Gyula Beck
Tel.: +36-70-328-9306
E-Mail: beckzg(a)gmail.com
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Ar cieņu, Mihails
Links:
------
[1] mailto:beckzg@gmail.com
9:56 a.m.
New subject: [xwiki-users] Active Directory 2.
Hi Eric!
So I did some changes of config:
1. xwiki.authentication.ldap.bind_DN=COMPANY\\{0}
2. xwiki.authentication.ldap.bind_DN=COMPANY\\{0},ou=COMPANY,dc=company,dc=intranet
Both time if I try to connect with the sAMAccontName value then I got
an error that "Wrong user name", but if I try with cn then I got
"Wrong password" error message :(
Best Regards,
bzg
2008/7/16 Eric Johnson <emj10(a)vt.edu>du>:
Try checking to see if you need to be using a
subdomain on your binddn.
My company uses a subdomain for logging in:
Example, for windows login, we enter our username and password and where to
login (either to the network or to the local machine). IF THIS IS THE CASE,
then an admin username and admin password will most likely NOT be required.
If you are logging into a subdomain, try changing the bind_DN=***\\{0} and
bind_pass={1}, where *** is the subdomain you log into. As far as I know
the double \'s are needed.
5908
days inactive
5910
days old
4 comments
4 participants
participants (4)
-
Eric Johnson -
Mihails Agafonovs -
Wright, Philip -
Zoltan Gyula Beck