On Thu, Nov 20, 2008 at 3:08 PM, Thomas Zwitanowitsch
<tzwitano(a)wlgore.com> wrote:
I tweaked the test class a bit to conform the settings
I have in my
"normal" wiki setup:
LDAP search:
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid, member, uniquemember]] ldapScope=[0]
{name=dn
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore}
{name=member value=cn=a12345,ou=associates,ou=users,o=wlgore}
{name=member value=cn=a12341,ou=associates,ou=users,o=wlgore}
{name=member value=cn=a12342,ou=associates,ou=users,o=wlgore}
{name=member
value=cn=a12343,ou=partners,ou=non-associates,ou=users,o=wlgore}
{name=member value=cn=a12344,ou=associates,ou=users,o=wlgore}
{name=objectClass value=groupOfNames}
{name=objectClass value=Top}
I does now exactly the same LDAP search as printed out and it is still not
returning anything. Which methods are called when performing the
group-fetch? Maybe I used the wrong ones?
Did you have a chance to look into your code?
LDAP Authenticator use exactly the same method.
The only things I see that could be different here are:
- the user which is used to access the LDAP server
- the case of the group members fields names. Are you using lower case
?
utils.ldapUtils.setGroupMemberFields(Arrays.asList("member","equivalenttome"))
Thanks!
Thomas
"Thomas Mortagne" <thomas.mortagne(a)xwiki.com
Sent by: users-bounces(a)xwiki.org
19.11.2008 14:14
Please respond to
XWiki Users <users(a)xwiki.org
To
"XWiki Users" <users(a)xwiki.org
cc
Subject
Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
On Wed, Nov 19, 2008 at 1:22 PM, Thomas Zwitanowitsch
<tzwitano(a)wlgore.com> wrote:
We're using Novell's eDirectory. I
thought of the same thing that
lowercase could be a problem. But on the other side the "member"
attribute
is all lowercase - only
"equivalentToMe" is mixed case. And I just tried
it to only map it to "member" with no change.
Right you should get "name" at least. It's weird than you get the
"objectClass" attributes and not the "name".
I don't have more ideas of what can be the problem yet. Do the LDAP
user have right to list LDAP groups ?
Here are the new logs:
bstractXWikiMigrationManager - No storage migration required since
current version is [7351]
ldap.XWikiLDAPConfig - ldap_group_classes: [groupofnames,
group, top, dynamicgroupaux, groupofuniquenames,
groupwisedistributionlist, dynamicgroup]
ldap.XWikiLDAPConfig - ldap_group_memberfields:
[equivalenttome, member]
ldap.XWikiLDAPConnection - Connection to LDAP server
[heffalump.wlgore.com:389]
ldap.XWikiLDAPConnection - Binding to LDAP server with
credentials
login=[cn=intranet_proxy,ou=proxy-users,ou=system,o=wlgore]
password=[***********]
LDAP.XWikiLDAPAuthServiceImpl - Found user dn with the user object:
null
ldap.XWikiLDAPConfig - Ready to create
user from LDAP with
fields
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
ldap.XWikiLDAPUtils - Searching for
the user in LDAP:
user:tzwitano base: query:(uid=tzwitano) uid:uid
ldap.XWikiLDAPConnection - LDAP search: baseDN=[]
query=[(uid=tzwitano)] attr=[[sn, givenName, fullName, mail, dn]]
ldapScope=[2]
ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
> value=cn=a12345,ou=associates,ou=users,o=wlgore}, {name=sn
> value=Zwitanowitsch}, {name=mail value=tzwitano(a)wlgore.com},
> {name=givenName value=Thomas}, {name=fullName value=Thomas Zwitanowitsch
> }]
> LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes will be used to update
> XWiki attributes.
> LDAP.XWikiLDAPAuthServiceImpl - Updating existing user with LDAP
> attribues located at cn=a12345,ou=associates,ou=users,o=wlgore
ldap.XWikiLDAPConfig - Ready to create
user from LDAP with
fields
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
ldap.XWikiLDAPConfig - Groupmapping
found:
XWiki.XWikiAdminGroup
cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
ldap.XWikiLDAPConfig - Groupmapping found: XWiki.MSOEGroup
cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
ldap.XWikiLDAPConfig - Groupmapping found:
XWiki.MedicalFabricsAdmGroup
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
ldap.XWikiLDAPConfig - Groupmapping
found:
XWiki.MedicalFabricsGroup
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
LDAP.XWikiLDAPAuthServiceImpl - Updating group
membership for the
user:
tzwitano
LDAP.XWikiLDAPAuthServiceImpl - The user belongs to following XWiki
groups:
LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki groups:
LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup
LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsAdmGroup
LDAP.XWikiLDAPAuthServiceImpl - XWiki.MedicalFabricsGroup
LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin
LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser
LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAdminGroup
LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
ldap.XWikiLDAPUtils - Retrieving Members of the group:
cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
ldap.XWikiLDAPConnection - LDAP search:
baseDN=[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid,
equivalenttome, member]]
ldapScope=[0]
ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
value=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
> cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
baseDN=[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid,
equivalenttome, member]]
ldapScope=[0]
ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
value=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid,
equivalenttome, member]]
ldapScope=[0]
ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> ldap.XWikiLDAPUtils - Retrieving Members of the group:
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
> ldap.XWikiLDAPConnection - LDAP search:
baseDN=[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
query=[null] attr=[[objectClass, uid,
equivalenttome, member]]
ldapScope=[0]
ldap.XWikiLDAPConnection - LDAP search found attributes:
[{name=dn
value=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
> ldap.XWikiLDAPUtils - Found group
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
> members :{}
> "Thomas Mortagne" <thomas.mortagne(a)xwiki.com
> Sent by: users-bounces(a)xwiki.org
> 19.11.2008 13:11
> Please respond to
> XWiki Users <users(a)xwiki.org
> To
> "XWiki Users" <users(a)xwiki.org
> cc
> Subject
> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
> By the way Maybe your already said it but
which LDAP server are you
> using ? The attributes are lower cased by XWiki to not depends on the
> case of attributes when manipulating them. It's generaly not a problem
> for LDAP but maybe there a problem with the server your are using...
> On Wed, Nov 19, 2008 at 1:07 PM,
Thomas Mortagne
> <thomas.mortagne(a)xwiki.com> wrote:
>> On Wed, Nov 19, 2008 at 12:08 PM, Thomas Zwitanowitsch
>> <tzwitano(a)wlgore.com> wrote:
>>> Looks like it doesn't see the other attributes...
>>
>>> ldap.XWikiLDAPUtils
- Found group
>>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>> members :{}
>>> ldap.XWikiLDAPUtils - Retrieving Members of the group:
>>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>> ldap.XWikiLDAPConnection - LDAP search:
>>
baseDN=[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>> query=[null] attr=[[Ljava.lang.String;@178f36a] ldapScope=[0]
>>> ldap.XWikiLDAPConnection - LDAP search found attributes:
> [{name=dn
>>
value=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore},
>>> {name=objectClass value=groupOfNames}, {name=objectClass value=Top}]
>>
>>> Do you need the other
lines as well?
>
>> I just improved the log to see
exactly what attributes names are used
>> in the search (in place of [[Ljava.lang.String;@178f36a]), you try the
>> last core jar at same URL.
>
>>
>>> Thomas
>>
>>
>>
>>
>>> "Thomas Mortagne"
<thomas.mortagne(a)xwiki.com
>>>
Sent by: users-bounces(a)xwiki.org
>>> 19.11.2008 11:34
>>> Please respond to
>>> XWiki Users <users(a)xwiki.org
>>
>>
>>> To
>>> "XWiki Users" <users(a)xwiki.org
>>> cc
>>
>>> Subject
>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>
>>
>>
>>
>>
>>
>>> On Wed, Nov 19,
2008 at 10:51 AM, Thomas Zwitanowitsch
>>> <tzwitano(a)wlgore.com> wrote:
>>>> Yes, I am sure. This is what is configured:
>>>
>>>
>>
xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top
>>>> I also tried this configuration
>>>> xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames
>>>> xwiki.authentication.ldap.group_memberfields=member,equivalentToMe
>>>
>>>> and this
again, is the group in LDAP
>>>
>>>> dn:
>>>
>
cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>> DirXML-Associations:
>>>
>>
cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F}
>>>> equivalentToMe: cn=a22094,ou=associates,ou=users,o=wlgore
>>>> objectClass: groupOfNames
>>>> objectClass: Top
>>>> member: cn=a22094,ou=associates,ou=users,o=wlgore
>>>> description: XWiki Admin Group
>>>> cn: Admin
>>>
>>>> Not sure if I
understand your last mail in regards to you adding some
>>> more
>>>> logs.
>>
>>> Can you download and
try last snapshot core 1.6 jar at
>>
http://maven.xwiki.org/snapshots/com/xpn/xwiki/platform/xwiki-core/1.6-SNAP…
>>> .
>>> You should get more informations on what append, this will help us to
>>> see what is the problem.
>>
>>>
>>>> Thanks
>>>> Thomas
>>>
>>>
>>>
>>>
>>>> "Thomas Mortagne" <thomas.mortagne(a)xwiki.com
>>>> Sent by:
users-bounces(a)xwiki.org
>>>> 19.11.2008 10:43
>>>> Please respond to
>>>> XWiki Users <users(a)xwiki.org
>>>
>>>
>>>> To
>>>> "XWiki Users" <users(a)xwiki.org
>>>> cc
>>>
>>>> Subject
>>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>>
>>>
>>>
>>>
>>>
>>>
>>>> In the meantime, are you sure
that group_classes and
>>>> group_memberfields has the right values for your LDAP schema ?
>>>
>>>> On Wed, Nov
19, 2008 at 10:42 AM, Thomas Mortagne
>>>> <thomas.mortagne(a)xwiki.com> wrote:
>>>>> On Wed, Nov 19, 2008 at 8:44 AM, Thomas Zwitanowitsch
>>>>> <tzwitano(a)wlgore.com> wrote:
>>>>>> Hi Thomas,
>>>>>
>>>>>> Yes, there is an entry on this, but it looks like it
doesn't find
>>>>>> anything.
>>>>>
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the
group:
>>>>>
>>
cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>
>>>
>>
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the
group:
>>>>>
>>>
>
cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>
>>>
>>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the
group:
>>>>>
>>>
>>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>
>>>
>>
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>> ldap.XWikiLDAPUtils - Retrieving Members of the
group:
>>>>>
>>>
>>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> ldap.XWikiLDAPUtils - Found group
>>>>>
>>>
>>
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>> members :{}
>>>>>
>>>>>
>>>>>> The Admin-group in LDAP looks like this:
>>>>>
>>>>>> dn:
>>>>>
>>>
>
cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>> DirXML-Associations:
>>>>>
>>>
>>
cn=AUTH-IDV,cn=DriverSet,ou=IDM,ou=system,o=wlgore#1#{E21DA9D4-FD4F-944c-40BA-E21DA9D4FD4F}
>>>>>> equivalentToMe: cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>> objectClass: groupOfNames
>>>>>> objectClass: Top
>>>>>> member: cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>> description: XWiki Admin Group
>>>>>> cn: Admin
>>>>>
>>>>>> So I see no reason for it not finding the members. In
regards to
the
>>>> group
>>>>>> cache, I already set it to 60s just to make sure it's being
> refreshed
>>> -
>>>>>> with no effect.
>>>>
>>>>> Ok
them let me add some more log for your particular case and commit
>>>>> for you to try to find why it can't find any LDAP group's
member..
>>>>
>>>>>
>>>>>> Thanks!
>>>>>> Thomas
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> "Thomas Mortagne"
<thomas.mortagne(a)xwiki.com
>>>>>> Sent by: users-bounces(a)xwiki.org
>>>>>> 18.11.2008 18:26
>>>>>> Please respond to
>>>>>> XWiki Users <users(a)xwiki.org
>>>>>
>>>>>
>>>>>> To
>>>>>> "XWiki Users" <users(a)xwiki.org
>>>>>> cc
>>>>>
>>>>>> Subject
>>>>>> Re: [xwiki-users] LDAP Groupmembers not updated to XWiki-Groups
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> Hi,
>>>>>
>>>>>> On Tue, Nov 18, 2008 at 5:39 PM, Thomas Zwitanowitsch
>>>>>> <tzwitano(a)wlgore.com> wrote:
>>>>>>> Hi,
>>>>>>
>>>>>>> I've updated from 1.5.2 to 1.6.1. After this, I
found all groups
>>>> beeing
>>>>>>> empty - so no users were there anymore.
>>>>>>
>>>>>>> As result I started mapping LDAP groups to XWiki groups
to let
> XWiki
>>>>>>> populate the memberships again - I was planning this anyway.
>>>>>>
>>>>>>> For some reason XWiki is not able to get the groups
members and I
>>>> cannot
>>>>>>> understand why. Also it is not putting my user in the
> XWiki.AllGroup
>>> -
>>>>>>> still my groups do not have any member.
>>>>>>
>>>>>
>>>>>> Can you see "Retrieving Members of the group..."
anywhere in the
> whole
>>>> log
>>>>>> ?
>>>>>
>>>>>> In your log I only see "Found group" which should
means the group
>>>>>> cache already contains the group members.
>>>>>
>>>>>>> This are the logs:
>>>>>>
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating
existing user
with
>>>> LDAP
>>>>>>> attribues located at
cn=a12345,ou=associates,ou=users,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Ready to create user
from
>>> LDAP
>>>>>>> with fields
>>>>>>
>>>>>
>>>
>>
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.XWikiAdminGroup
>>>>>>
>>>
>
cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MSOEGroup
>>>>>>
>>>
>
cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MedicalFabricsAdmGroup
>>>>>>
>>>>>
>>>
>>
cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG ldap.XWikiLDAPConfig - Groupmapping found:
>>>>>>> XWiki.MedicalFabricsGroup
>>>>>>
>>>>>
>>>
>>
cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating group
membership
> for
>>>>>> the
>>>>>>> user: tzwitano
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - The user belongs to
> following
>>>>>>> XWiki groups:
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - All defined XWiki
groups:
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.MSOEGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl -
> XWiki.MedicalFabricsAdmGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl -
XWiki.MedicalFabricsGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrAdmin
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.TrillrUser
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl -
XWiki.XWikiAdminGroup
>>>>>>> DEBUG LDAP.XWikiLDAPAuthServiceImpl - XWiki.XWikiAllGroup
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>>
>>>
>>
[cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>>
>>>
>>
[cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>>
>>>
>>
[cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>> DEBUG ldap.XWikiLDAPUtils - Found group
>>>>>>
>>>>>
>>>
>>
[cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore]
>>>>>>> members :{}
>>>>>>
>>>>>>> This is my config:
>>>>>>
>>>>>>> #-# new LDAP authentication service
>>>>>>
>>>>>
>>>
>>
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
>>>>>>
>>>>>>> #-# Turn LDAP authentication on - otherwise only XWiki
> authentication
>>>>>>> #-# 0: disable
>>>>>>> #-# 1: enable
>>>>>>> xwiki.authentication.ldap=1
>>>>>>
>>>>>>> #-# Force to check password after LDAP connection
>>>>>>> #-# 0: disable
>>>>>>> #-# 1: enable
>>>>>>> xwiki.authentication.ldap.validate_password=0
>>>>>>
>>>>>>> #-# only members of the following group will be
verified in the
> LDAP
>>>>>>> # otherwise only users that are found after searching
starting
from
>>>> the
>>>>>>> base_DN
>>>>>>> #xwiki.authentication.ldap.user_group=o=wlgore
>>>>>>
>>>>>>> #-# base DN for searches
>>>>>>> #xwiki.authentication.ldap.base_DN=o=wlgore
>>>>>>
>>>>>>> #-# Specifies the LDAP attribute containing the
identifier to be
> used
>>>> as
>>>>>>> the XWiki name (default=cn)
>>>>>>> xwiki.authentication.ldap.UID_attr=uid
>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# Specifies the LDAP attribute containing the password to
be
used
>>>>>> "when
>>>>>>> xwiki.authentication.ldap.validate_password" is set to
1
>>>>>>> # xwiki.authentication.ldap.password_field=userPassword
>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# The potential LDAP groups classes. Separated by commas.
>>>>>>
>>>>>
>>>
>>
xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList,Top
>>>>>>
>>>
#xwiki.authentication.ldap.group_classes=groupOfNames,Top,groupOfNames
>>>>>>
>>>>>>> #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# The potential names of the LDAP groups fields containings
the
>>>>>> members.
>>>>>>> Separated by commas.
>>>>>>>
xwiki.authentication.ldap.group_memberfields=member,equivalentToMe
>>>>>>
>>>>>>> #-# retrieve the following fields from LDAP and store
them in the
>>>> XWiki
>>>>>>> user object (xwiki-attribute=ldap-attribute)
>>>>>>> #-# ldap_dn=dn -- dn is set by class, caches dn in
XWiki.user
> object
>>>>>> for
>>>>>>> faster access
>>>>>>
>>>>>
>>>
>>
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# on every login update the mapped attributes from LDAP to
XWiki
>>>>>>> otherwise this happens only once when the XWiki account is
created.
>>>>>>> xwiki.authentication.ldap.update_user=1
>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# mapps XWiki groups to LDAP groups, separator is
"|"
>>>>>>
>>>>>
>>>
>>
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=Admin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>
>>>>>
>>>
>>
XWiki.MSOEGroup=cn=MSOE,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>
>>>>>
>>>
>>
XWiki.MedicalFabricsAdmGroup=cn=MedFabAdmin,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore|\
>>>>>>
>>>>>
>>>
>>
XWiki.MedicalFabricsGroup=cn=MedFabUser,ou=XWiki,ou=Corp,ou=Links,ou=extranet_access,ou=groups,o=wlgore
>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# time in s after which the list of members in a group is
> refreshed
>>>>>> from
>>>>>>> LDAP (default=3600*6)
>>>>>>> xwiki.authentication.ldap.groupcache_expiration=60
>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# - create : synchronize group membership only when the
user is
>>>> first
>>>>>>> created
>>>>>>> #-# - always: synchronize on every login
>>>>>>> xwiki.authentication.ldap.mode_group_sync=always
>>>>>>
>>>>>>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
>>>>>>> #-# if ldap authentication fails for any reason, try XWiki
DB
>>>>>>> authentication with the same credentials
>>>>>>> xwiki.authentication.ldap.trylocal=1
>>>>>>
>>>>>>> Thanks!
>>>>>>> Thomas
>>>>>>> _______________________________________________
>>>>>>> users mailing list
>>>>>>> users(a)xwiki.org
>>>>>>>
http://lists.xwiki.org/mailman/listinfo/users
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> --
>>>>>> Thomas Mortagne
>>>>>> _______________________________________________
>>>>>> users mailing list
>>>>>> users(a)xwiki.org
>>>>>>
http://lists.xwiki.org/mailman/listinfo/users
>>>>>
>>>>>> _______________________________________________
>>>>>> users mailing list
>>>>>> users(a)xwiki.org
>>>>>>
http://lists.xwiki.org/mailman/listinfo/users
>>>>>
>>>>
>>>>
>>>>
>>>>> --
>>>>> Thomas Mortagne
>>>>
>>>
>>>
>>>
>>>> --
>>>> Thomas Mortagne
>>>> _______________________________________________
>>>> users mailing list
>>>> users(a)xwiki.org
>>>>
http://lists.xwiki.org/mailman/listinfo/users
>>>
>>>>
_______________________________________________
>>>> users mailing list
>>>> users(a)xwiki.org
>>>>
http://lists.xwiki.org/mailman/listinfo/users
>>>
>>
>>
>>
>>> --
>>> Thomas Mortagne
>>> _______________________________________________
>>> users mailing list
>>> users(a)xwiki.org
>>>
http://lists.xwiki.org/mailman/listinfo/users
>>
>>>
_______________________________________________
>>> users mailing list
>>> users(a)xwiki.org
>>>
http://lists.xwiki.org/mailman/listinfo/users
>>
>
>
>
>> --
>> Thomas Mortagne
>
> --
> Thomas Mortagne
> _______________________________________________
> users mailing list
> users(a)xwiki.org
>
http://lists.xwiki.org/mailman/listinfo/users
>
_______________________________________________
> users mailing list
> users(a)xwiki.org
>
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users