Thread:Extension talk:LDAP Authentication/Login Error LDAP ADS Couldn`t find user in any groups

Hi, iam trying since weeks to get mediawiki running by using group required login feature via ldap to our Windows Active Directory. Unfortunately i got still the same error in the logs "Couldn`t find user in any groups". System informations: OS: Ubuntu LTS 12.04 Webserver: Apache2 Mediawiki Version: 1.20.5 LDAP Authentication Version: 2.0c PHP Version: 5.3.10 MySQL Version: 5.5.31 LDAP Directory: Active Directory on Server 2008 R2 running on Level 2008 R2 When we outcomment the following line, the login is working fine, but so everybody can login. We would like to restrict it via groups (for example group "it") from the Active Directory.
 * 1) $wgLDAPRequiredGroups = array( "xyz.test.com"=>array("cn=Users,cn=it,dc=xyz,dc=test,dc=com") );

Whole configuration and settings in LocalSettings.php:

$wgGroupPermissions['*']['createaccount'] = false; $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['read'] = false; $wgShowIPinHeader = false; require_once( "$IP/extensions/LdapAuthentification/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin; $wgLDAPRequiredGroups = array( "xyz.test.com"=>array("cn=Users,cn=it,dc=xyz,dc=test,dc=com") ); $wgLDAPGroupUseFullDN = array( "xyz.test.com"=>true ); $wgLDAPGroupObjectclass = array( "xyz.test.com"=>"group" ); $wgLDAPGroupAttribute = array( "xyz.test.com"=>"member" ); $wgLDAPGroupSearchNestedGroups = array( "xyz.test.com"=>true ); $wgLDAPGroupNameAttribute = array( "xyz.test.com"=>"cn" ); $wgLDAPBaseDNs = array( "xyz.test.com"=>"dc=xyz,dc=test,dc=com" ); $wgLDAPGroupBaseDNs = array( "xyz.test.com"=> "dc=xyz,dc=test,dc=com" ); $wgLDAPUserBaseDNs = array( "xyz.test.com"=>"dc=xyz,dc=test,dc=com" ); $wgLDAPSearchAttributes = array( "xyz.test.com"=>"sAMAccountName" ); $wgMinimalPasswordLength = 1; $wgLDAPDomainNames = array( "xyz.test.com" ); $wgLDAPServerNames = array( "xyz.test.com"=>"dc.xyz.test.com", ); $wgLDAPUseLocal = false; $wgLDAPEncryptionType = array( "xyz.test.com"=>"ssl", ); $wgLDAPOptions = array( "xyz.test.com"=>array( LDAP_OPT_DEREF, 0 ), ); $wgLDAPPort = array( "xyz.test.com"=>636, ); $wgLDAPProxyAgent = array( 'xyz.test.com' => 'CN=ldapbind,DC=xyz,DC=test,DC=com' ); $wgLDAPProxyAgentPassword = array( 'xyz.test.com' => 'password' ); $wgLDAPDebug = 3; //for debugging LDAP $wgShowExceptionDetails = true; //for debugging MediaWiki $wgDebugLogGroups["ldap"] = "/tmp/ldapdebug.log" ; //for debugging LDAP
 * 1) Debug Options

Error message in logfile:

2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c User Filter: (&(distinguishedName=)(objectclass=user)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Primary Group Filter: (&(objectSid=\\\\\\\\\\\\\\\\\\\\\\\\\00\00\0 \00)(objectclass=group)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Search string: (&(member=)(objectclass=group)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Returned groups: 2013-05-31 09:53:09 wiki wiki1: 2.0c Group is in the following groups: 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering searchGroups 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getBaseDN 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c basedn is dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Binding as the proxyagent 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c User Filter: (&(distinguishedName=)(objectclass=user)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Primary Group Filter: (&(objectSid=\\\\\\\\\\\\\\\\\\\\\\\\\00\00\00\00)(objectclass=group)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Search string: (&(member=)(objectclass=group)) 2013-05-31 09:53:09 wiki wiki1: 2.0c Returned groups: 2013-05-31 09:53:09 wiki wiki1: 2.0c Group is in the following groups: 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering searchNestedGroups 2013-05-31 09:53:09 wiki wiki1: 2.0c No more groups to search. 2013-05-31 09:53:09 wiki wiki1: 2.0c Got the following nested groups: :::::::::cn=benutzer,cn=builtin,dc=xyz,dc=test,dc=com::::::cn=administration,cn=users,dc=xyz,dc=test,dc=com::cn=it,cn=users,dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering checkGroups 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Checking for (new style) group membership 2013-05-31 09:53:09 wiki wiki1: 2.0c Required groups: cn=users,cn=it,dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Checking against: cn=benutzer,cn=builtin,dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Checking against: cn=it,cn=users,dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Checking against: cn=administration,cn=users,dc=xyz,dc=test,dc=com 2013-05-31 09:53:09 wiki wiki1: 2.0c Couldn't find the user in any groups. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering strict. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Returning true in strict. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering allowPasswordChange 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session. 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering modifyUITemplate 2013-05-31 09:53:09 wiki wiki1: 2.0c Entering getDomain 2013-05-31 09:53:09 wiki wiki1: 2.0c Pulling domain from session.

Many thanks for any help, iam getting crazy with that problem...