Thread:Extension talk:LDAP Authentication/LDAP Bind Fails

[eric@ZWIKI ~]$ cat message.txt

I am having a problem with LDAP Authentication extension.
Downloaded from http://www.mediawiki.org/wiki/Extension:LDAP_Authentication today.

Mediawiki 1.17 and 1.16
LdapAuthentication-MW1.16-r61987.tar.gz
LdapAuthentication-MW1.17-r86547.tar.gz

[eric@ZWIKI tmp]$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.1 (Santiago)

PHP 5.3.3 (cli) (built: Jan 21 2011 10:01:20)
openssl-1.0.0-10.el6_1.4
mod_ssl-2.2.15-9.el6
openldap-devel-2.4.23-15.el6_1.1
openldap-2.4.23-15.el6_1.1
openldap-clients-2.4.23-15.el6_1.1

require_once( "extensions/LdapAuthentication/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin;
$wgLDAPDomainNames = array( "ActiveDirectoryDomain", "z/OSLDAP" );
$wgLDAPUseLocal = true;
$wgLDAPServerNames = array( "ActiveDirectoryDomain"=>"AD.Domain.Gov", "z/OSLDAP"=>"Mainfram.LDAP.gov" );
$wgLDAPEncryptionType = array( "ActiveDirectoryDomain"=>"ssl", "z/OSLDAP"=>"ssl" );
$wgLDAPSearchStrings = array( "ActiveDirectoryDomain"=>"USER-NAME", "z/OSLDAP"=>"racfid=USER-NAME,profiletype=user,dc=S4" );
$wgLDAPDebug = 3;
$wgDebugLogGroups["ldap"] = "/tmp/ldapdebug.log";

Using clear it functions normally. But set to ssl in LocalSettings.php it does not.

[eric@ZWIKI ~]$ cat ldaplog.txt
2011-09-28 13:59:48 ServerName: 1.2e Entering validDomain
2011-09-28 13:59:48 ServerName: 1.2e User is not using a valid domain.
2011-09-28 13:59:48 ServerName: 1.2e Setting domain as: invaliddomain
2011-09-28 13:59:48 ServerName: 1.2e Entering allowPasswordChange
2011-09-28 13:59:48 ServerName: 1.2e Entering modifyUITemplate
2011-09-28 13:59:48 ServerName: 1.2e Allowing the local domain, adding it to the list.
2011-09-28 13:59:59 ServerName: 1.2e Entering validDomain
2011-09-28 13:59:59 ServerName: 1.2e User is using a valid domain.
2011-09-28 13:59:59 ServerName: 1.2e Setting domain as: MainFrame
2011-09-28 13:59:59 ServerName: 1.2e Entering getCanonicalName
2011-09-28 13:59:59 ServerName: 1.2e Username isn't empty.
2011-09-28 13:59:59 ServerName: 1.2e Munged username: UserName
2011-09-28 13:59:59 ServerName: 1.2e Entering userExists
2011-09-28 13:59:59 ServerName: 1.2e
2011-09-28 13:59:59 ServerName: 1.2e Entering authenticate
2011-09-28 13:59:59 ServerName: 1.2e
2011-09-28 13:59:59 ServerName: 1.2e Entering Connect
2011-09-28 13:59:59 ServerName: 1.2e Using SSL
2011-09-28 13:59:59 ServerName: 1.2e Using servers:  ldaps://mainfram.ldap.gov
2011-09-28 13:59:59 ServerName: 1.2e Connected successfully
2011-09-28 13:59:59 ServerName: 1.2e Entering getSearchString
2011-09-28 13:59:59 ServerName: 1.2e Doing a straight bind
2011-09-28 13:59:59 ServerName: 1.2e userdn is: racfid=UserName,profiletype=user,dc=S4
2011-09-28 13:59:59 ServerName: 1.2e
2011-09-28 13:59:59 ServerName: 1.2e Binding as the user
2011-09-28 13:59:59 ServerName: 1.2e trying to bind calling:
2011-09-28 13:59:59 ServerName: 1.2e         ldap_bind( conn_handle=Resource id #93, userdn=racfid=UserName,profiletype=user,dc=S4, password=XXXXXXX )..
2011-09-28 13:59:59 ServerName: 1.2e         ldap_bind(...) failed.
2011-09-28 13:59:59 ServerName: 1.2e         LDAP_Error Code  : -1
2011-09-28 13:59:59 ServerName: 1.2e         LDAP Error Msg  : Can't contact LDAP server
2011-09-28 13:59:59 ServerName: 1.2e Failed to bind as racfid=UserName,profiletype=user,dc=S4
2011-09-28 13:59:59 ServerName: 1.2e with password: XXXXXXXX
2011-09-28 13:59:59 ServerName: 1.2e Entering allowPasswordChange
2011-09-28 13:59:59 ServerName: 1.2e Entering modifyUITemplate
2011-09-28 13:59:59 ServerName: 1.2e Allowing the local domain, adding it to the list.

I added the extended error checking (bindAs) to the LdapAuthentication.php.
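
A triage helper for the debug log quoted above, added here as an example and not part of the original post or of the extension. It separates client-side failures (such as the -1 in the log, raised before any LDAP answer arrives, since PHP's ldap_connect() only prepares a handle and the first network round trip happens at ldap_bind()) from server rejections, and masks the password fields this log level writes. The host name, password value and function names are constructed for illustration.

```python
import re

# Constructed sample in the debug-log format shown in the post (placeholder host and password).
SAMPLE_LOG = """\
2011-09-28 13:59:59 ServerName: 1.2e Entering authenticate
2011-09-28 13:59:59 ServerName: 1.2e Using SSL
2011-09-28 13:59:59 ServerName: 1.2e Using servers:  ldaps://ldap.example.test
2011-09-28 13:59:59 ServerName: 1.2e Connected successfully
2011-09-28 13:59:59 ServerName: 1.2e         ldap_bind( conn_handle=Resource id #93, userdn=racfid=UserName,profiletype=user,dc=S4, password=CONSTRUCTED-SECRET )..
2011-09-28 13:59:59 ServerName: 1.2e         LDAP_Error Code  : -1
2011-09-28 13:59:59 ServerName: 1.2e with password: CONSTRUCTED-SECRET
"""

LINE = re.compile(r"^(\S+ \S+) \S+ \S+\s*(.*)$")  # timestamp, wiki name, version, message
SECRET = re.compile(r"(password\s*[=:]\s*)\S+", re.I)

def redact(text):
    # Mask password values so the log can be shared or retained.
    return SECRET.sub(r"\1[REDACTED]", text)

def verdict(code):
    # OpenLDAP client convention: negative codes are raised locally by the library
    # (-1 = server could not be contacted); positive codes are the server's own answer.
    if code is None:
        return "no-failure-logged"
    return "transport-or-tls" if code < 0 else "server-rejected"

def triage(log_text):
    """Return one record per 'Entering authenticate' block in the log."""
    attempts, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, msg = m.group(1), m.group(2).strip()
        if msg == "Entering authenticate":
            cur = {"time": ts, "ssl": False, "servers": "", "code": None, "has_password": False}
            attempts.append(cur)
        elif cur is None:
            continue
        elif msg == "Using SSL":
            cur["ssl"] = True
        elif msg.startswith("Using servers:"):
            cur["servers"] = msg.split(":", 1)[1].strip()
        elif msg.startswith("LDAP_Error Code"):
            cur["code"] = int(msg.split(":", 1)[1])
        if SECRET.search(msg):
            cur["has_password"] = True
    return [dict(a, verdict=verdict(a["code"])) for a in attempts]
```

A "transport-or-tls" verdict on an ldaps:// server means the DN and password were never evaluated, so the port's reachability and the client's certificate trust are the things to check first.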