Thread:Extension talk:LDAP Authentication/Getting the wrong username in authenticate

Greetings,

I'm trying to auth against a 2008 AD and getting this in the debug log:

2010-10-29 16:12:54 labwikidb: Entering validDomain 2010-10-29 16:12:54 labwikidb: User is using a valid domain. 2010-10-29 16:12:54 labwikidb: Setting domain as: AD 2010-10-29 16:12:54  labwikidb: Entering getCanonicalName 2010-10-29 16:12:54 labwikidb: Username isn't empty. 2010-10-29 16:12:54 labwikidb: Munged username: Asmith 2010-10-29 16:12:54 labwikidb: Entering authenticate [username=Bjones, password= ] 2010-10-29 16:12:54 labwikidb: 2010-10-29 16:12:54 labwikidb: Entering Connect 2010-10-29 16:12:54 labwikidb: Using TLS or not using encryption. 2010-10-29 16:12:54 labwikidb: Using servers:  ldap://dc1.ad.domain ldap://dc2.ad.domain 2010-10-29 16:12:54 labwikidb: Connected successfully 2010-10-29 16:12:54 labwikidb: Entering getSearchString 2010-10-29 16:12:54 labwikidb: Doing a straight bind 2010-10-29 16:12:54 labwikidb: userdn is: Bjones@AD 2010-10-29 16:12:54 labwikidb: 2010-10-29 16:12:54 labwikidb: Binding as the user 2010-10-29 16:12:54 labwikidb: Failed to bind as Bjones@AD 2010-10-29 16:12:54 labwikidb: Entering strict. 2010-10-29 16:12:54 labwikidb: Returning true in strict. 2010-10-29 16:12:54 labwikidb: Entering allowPasswordChange 2010-10-29 16:12:54 labwikidb: Entering modifyUITemplate

The username entered in the wiki login page is 'Asmith' and by the time the LDAP Auth extension gets to the 'authenticate' function it's got the wrong username. The wrong one is a valid user in AD but it's still the wrong user. Binding as Bjones@AD is expected to fail as it's still using Asmith's password.

The configuration looks like this:

require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin; $wgLDAPDomainNames = array( "AD" ); $wgLDAPServerNames = array( "AD" => "dc1.ad.domain dc2.ad.domain" ); $wgLDAPSearchStrings = array( "AD" => "USER-NAME@AD" );

I'm not sure where to go next to try troubleshooting. The user in question can log into other services without trouble and use ldapsearch, etc.

If I log in with my own user it works properly.