Thread:Extension talk:LDAP Authentication/Trouble with Group Restricted Login/reply (12)

Hi all,

This is for Mediawiki 1.23.1

I have followed the configuration advice and some troubleshooting pages, also followed this page, but I can't get the login to work with the restricted groups.

Without it I can login, for some reason the users can't be found. Can someone help?

This is my config: $wgLDAPDomainNames = array( "ad.local" ); $wgLDAPServerNames = array( "ad.local" => "dc.ad.local" ); $wgLDAPSearchStrings = array( "ad.local" => "ad\\USER-NAME" ); $wgLDAPEncryptionType = array( "ad.local" => "clear" ); $wgLDAPUseLocal = false; $wgMinimalPasswordLength = 1; $wgLDAPBaseDNs = array( "ad.local" => 'ou=Users,dc=ad,dc=local' );
 * 1) LDAP settings

$wgLDAPUserBaseDNs = array( "ad.local" => 'ou=Users,dc=ad,dc=local' ); $wgLDAPGroupBaseDNs = array( "ad.local" => 'ou=Users,dc=ad,dc=local' ); $wgLDAPSearchAttributes = array( "ad.local" => "sAMAccountName" );
 * 1) $wgLDAPRetrievePrefs = array( "ad.local" => "true" );

// An array of the groups the user is required to be a member of. $wgLDAPGroupUseFullDN = array( "ad.local" => false ); $wgLDAPGroupSearchNestedGroups = array( "ad.local" => true ); $wgLDAPLowerCaseUsername = array( "ad.local" => false ); $wgLDAPGroupObjectclass = array( "ad.local" => 'group' ); $wgLDAPGroupAttribute = array( "ad.local" => 'member' ); $wgLDAPGroupNameAttribute = array( "ad.local" => "cn" );
 * 1) $wgLDAPRequiredGroups = array( "ad.local" => array( 'cn=Trainers,ou=Users,dc=ad,dc=local' ));
 * 1) $wgLDAPLowerCaseUsername = array( "ad.local" => true);
 * 1) $wgLDAPGroupsUseMemberOf = array( "ad.local" => true );

$wgLDAPDebug = 3; //for debugging LDAP $wgShowExceptionDetails = true; //for debugging MediaWiki $wgDebugLogGroups["ldap"] = "/tmp/debug.log" ;
 * 1) Enable LDAP debug

I always get an error: 2014-08-01 04:14:40 10.206.192.159 my_wiki: 2.1.0 Couldn't find the user in any groups.