Thread:Extension talk:LDAP Authentication/Cannot setup LDAP filtering

Hi, I'm running the latest version of MediaWiki 1.23.3 with the latest version of the LdapAuthentication extension (REL1_23, 2014-07-29T01:11:57, f266c74).

Currently, my configuration is the following:

$wgAuth = new LdapAuthenticationPlugin; $wgLDAPDomainNames = array('MySite'); $wgLDAPServerNames = array('MySite' => 'myldap.mydomain.com'); $wgLDAPUseLocal = true; $wgLDAPPort = array('MySite' => 389); $wgLDAPSearchAttributes = array('MySite' => 'uid'); $wgLDAPBaseDNs = array('MySite' => 'dc=mysite,dc=com'); $wgLDAPPreferences = array('MySite' => array('email' => 'mail', 'realname' => 'displayName')); $wgLDAPEncryptionType = array('MySite' => 'clear');

As far as I specify this that way, everything works fine, I can login with the LDAP credentials. However, I'm trying to setup LdapAuthentication so only one OU's users can login. I changed the $wgLDAPBaseDNs line to be:

$wgLDAPBaseDNs = array('MySite' => 'ou=RequiredOU,dc=mysite,dc=com');

However, since that change I cannot login anymore, I get a 'password incorrect' error at each time. I'm sure RequiredOU exists, when I issue this command:

ldapsearch -b 'dc=mysite,dc=com' -x ou=RequiredOU

I get a list of users included in that OU, including me. However, it's not quite clear to me how to filter one OU from the documentation, is there something wrong with the way I'm trying? If yes, how should I do that?

Thanks