Thread:Extension talk:LDAP Authentication/Cannot get Group based login restriction to work/reply (2)

Here are my settings:

// LDAP Authentication require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin;

// LDAP Logging $wgLDAPDebug = 3; $wgDebugLogGroups["ldap"] = "/var/www/wiki/extensions/LdapAuthentication/debug.log";

// LDAP Binding $wgLDAPDomainNames = array( "OurDomain" ); $wgLDAPServerNames = array( "OurDomain"=>"ldap.ourdomain.com" ); $wgLDAPUseLocal = false; $wgLDAPEncryptionType = array( "OurDomain"=>"clear" ); $wgLDAPSearchStrings = array( "OurDomain"=>"uid=USER-NAME,ou=people,dc=ourdomain,dc=com" );

// LDAP Group Settings $wgLDAPRequiredGroups = array( "OurDomain"=>array( "cn=wiki,ou=group,dc=ourdomain,dc=com" ) ); $wgLDAPLowerCaseUsername = array( "OurDomain"=>true ); $wgLDAPBaseDNs = array( "OurDomain"=>"dc=ourdomain,dc=com" ); $wgLDAPGroupBaseDNs = array( "OurDomain"=>"ou=group,dc=ourdomain,dc=com" ); $wgLDAPUserBaseDNs = array( "OurDomain"=>"ou=people,dc=ourdomain,dc=com" );

One thing I noticed about this extensions help documentation, it used example DNs like this:

uid=USER-NAME,ou=people,dc=LDAP,dc=example,dc=com

However, when I look at our LDAP server, it shows DNs like this:

uid=jake,ou=People,dc=ourdomain,dc=com

It doesn't have the dc=LDAP in there. Does that make a difference?

Also, I might have extra unnecessary config options in our settings just cause I was trying several different things attempting to get the group stuff to work. Please let me know if I have unnecessary stuff in there.

Thanks for the help!!