Thread:Extension talk:LDAP Authentication/everything fine until....grouprestriction

everything is fine until i tried today to integrate group restrictions, and the debug also didnt work:

for your infos:

- i need this proxy user, i have no admin rights or...for the ldap system. It is from the IT of them, and i am a student apprentice, but with this proxy user I have access with jxplorer and can give any information:

$wgAuth = new LdapAuthenticationPlugin;

$wgLDAPDomainNames = array( "IT" );

$wgLDAPServerNames = array( "IT"=>"ldap.swk99.de" );

$wgLDAPProxyAgent = array( "IT"=>"cn=GPSII,ou=proxy-user,ou=EMEA,o=SERVICES" );

$wgLDAPProxyAgentPassword = array( "IT"=>"12345" );

$wgLDAPSearchAttributes = array( "IT"=>"cn" );

$wgLDAPBaseDNs = array( "IT"=>"o=AUTH" );

$wgLDAPEncryptionType = array( "IT"=>"clear" );

$wgLDAPLowerCaseUsername = array( "IT"=>true );

$wgLDAPDisableAutoCreate = array( "IT" => false );

$wgLDAPUseLocal = false;

$wgLDAPAddLDAPUsers = false;

$wgLDAPUpdateLDAP = false;

$wgLDAPMailPassword = false;

$wgLDAPRetrievePrefs = array( "IT"=>"true" );

$wgMinimalPasswordLength = 1;

$wgLDAPDebug = 3;

 until here everything is fine, but i need to restrice this on two groups and all users of it:

ou=IT,ou=CONTRACTORS,o=AUTH

and

ou=IT,ou=EMPLOYEES,o=AUTH

 to restrict it, i have added at first this:

$wgLDAPRequiredGroups = array( "IT"=>array( "ou=IT,ou=CONTRACTORS,o=AUTH","ou=IT,ou=EMPLOYEES,o=AUTH"));

'''Until I tried this ^anyone can get in....

and later this also:'''

$wgLDAPGroupUseFullDN = array( "IT"=>true );

$wgLDAPGroupObjectclass = array( "IT"=>"organizationalUnit" ); //found this over tableview of the groups in jxplorer

$wgLDAPGroupAttribute = array( "IT"=>"inetOrgPerson" ); //found this over tableview of the groups in jxplorer

$wgLDAPGroupSearchNestedGroups = array( "IT"=>true ); //i thought it helped because my structure is o=AUTH->ou=CONTRACORS->ou=IT

$wgLDAPGroupNameAttribute = array( "IT"=>"ou" ); //^^? ou is the group name attribute or???

Until I tried this ^no one can get in...

DEBUGGING: I am really not sure....if you need more infos, just write me....i set the $wgLDAPDebug = 3; and on the media wiki:

error_reporting(E_ALL);

ini_set("display_errors", 1);

$wgShowExceptionDetails = true;

anything you need just ask...i am totally new to ldap and the mediawiki so pls dont be so hard with me....

greetz & thx4all