Thread:Extension talk:LDAP Authentication/How to specify multiple base dn/reply (4)

Hi Ryan,

Sorry and Wish you a Happy Christmas....

If i use single basedn : dc=ct,dc=rp,dc=abc,dc=in and find the ldapdubug logs,

2014-12-27 07:52:51 mediawiki-Test_: Entering Connect 2014-12-27 07:52:51 mediawiki-Test_: Using SSL 2014-12-27 07:52:51 mediawiki-Test_: Using servers:  ldaps://cbr-xx-c01.cl.rp.abc.in cbr-xx-c02.cl.rp.abc.in 2014-12-27 07:52:51  mediawiki-Test_: Connected successfully 2014-12-27 07:52:51 mediawiki-Test_: Entering getSearchString 2014-12-27 07:52:51 mediawiki-Test_: Doing a proxy bind 2014-12-27 07:52:52 mediawiki-Test_: Entering getUserDN 2014-12-27 07:52:52 mediawiki-Test_: Created a regular filter: (sAMAccountName=user.a) 2014-12-27 07:52:52  mediawiki-Test_: Entering getBaseDN 2014-12-27 07:52:52 mediawiki-Test_: basedn is not set for this type of entry, trying to get the default basedn. 2014-12-27 07:52:52 mediawiki-Test_: Entering getBaseDN 2014-12-27 07:52:52 mediawiki-Test_: basedn is dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Using base: dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2014-12-27 07:52:52 mediawiki-Test_: userdn is: CN=user.a,OU=Users,OU=S-Users,dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: 2014-12-27 07:52:52 mediawiki-Test_: Binding as the user 2014-12-27 07:52:52 mediawiki-Test_: Bound successfully 2014-12-27 07:52:52 mediawiki-Test_: Entering getGroups 2014-12-27 07:52:52 mediawiki-Test_: Retrieving LDAP group membership 2014-12-27 07:52:52 mediawiki-Test_: Using memberOf 2014-12-27 07:52:52 mediawiki-Test_: Entering checkGroups 2014-12-27 07:52:52 mediawiki-Test_: Checking for (new style) group membership 2014-12-27 07:52:52 mediawiki-Test_: Required groups: cn=Test,ou=ts,dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Checking against: cn=oe,ou=ts,dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Checking against: cn=co,ou=ts,dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Checking against: cn=est,ou=ts,dc=ct,dc=rp,dc=abc,dc=in 2014-12-27 07:52:52 mediawiki-Test_: Found user in a group. 2014-12-27 07:52:52 mediawiki-Test_: Entering getPreferences 2014-12-27 07:52:52 mediawiki-Test_: Retrieving preferences 2014-12-27 07:52:52 mediawiki-Test_: Retrieved email (user.a@xxx.com) using attribute (mail) 2014-12-27 07:52:52 mediawiki-Test_: Retrieved realname (User A) using attribute (displayname) 2014-12-27 07:52:52 mediawiki-Test_: Retrieved nickname (User A) using attribute (displayname) 2014-12-27 07:52:52 mediawiki-Test_: Entering synchUsername 2014-12-27 07:52:52 mediawiki-Test_: Authentication passed 2014-12-27 07:52:52 mediawiki-Test_: Entering updateUser 2014-12-27 07:52:52 mediawiki-Test_: Setting user preferences. 2014-12-27 07:52:52 mediawiki-Test_: Setting nickname. 2014-12-27 07:52:52 mediawiki-Test_: Setting realname. 2014-12-27 07:52:52 mediawiki-Test_: Setting email. 2014-12-27 07:52:52 mediawiki-Test_: Saving user settings.

If i use 2 or 3 basedn's (Pls verify if the syntax is correct for multiple basedn's) and find the ldapdebug logs,

2014-12-27 08:02:19 mediawiki-Test_: Entering validDomain 2014-12-27 08:02:19 mediawiki-Test_: User is not using a valid domain. 2014-12-27 08:02:19 mediawiki-Test_: Setting domain as: invaliddomain 2014-12-27 08:02:19 mediawiki-Test_: Entering allowPasswordChange 2014-12-27 08:02:19 mediawiki-Test_: Entering modifyUITemplate 2014-12-27 08:02:19 mediawiki-Test_: Allowing the local domain, adding it to the list. 2014-12-27 08:02:26 mediawiki-Test_: Entering validDomain 2014-12-27 08:02:26 mediawiki-Test_: User is using a valid domain. 2014-12-27 08:02:26 mediawiki-Test_: Setting domain as: TS-LDAP 2014-12-27 08:02:26 mediawiki-Test_: Entering getCanonicalName 2014-12-27 08:02:26 mediawiki-Test_: Username isn't empty. 2014-12-27 08:02:26 mediawiki-Test_: Munged username: user.a 2014-12-27 08:02:26  mediawiki-Test_: Entering authenticate 2014-12-27 08:02:26 mediawiki-Test_: 2014-12-27 08:02:26 mediawiki-Test_: Entering Connect 2014-12-27 08:02:26 mediawiki-Test_: Using SSL 2014-12-27 08:02:26 mediawiki-Test_: Using servers:  ldaps://cbr-xx-c01.cl.rp.abc.in cbr-xx-c02.cl.rp.abc.in 2014-12-27 08:02:26  mediawiki-Test_: Connected successfully 2014-12-27 08:02:26 mediawiki-Test_: Entering getSearchString 2014-12-27 08:02:26 mediawiki-Test_: Doing a proxy bind 2014-12-27 08:02:26 mediawiki-Test_: Entering getUserDN 2014-12-27 08:02:26 mediawiki-Test_: Created a regular filter: (sAMAccountName=user.a) 2014-12-27 08:02:26  mediawiki-Test_: Entering getBaseDN 2014-12-27 08:02:26 mediawiki-Test_: basedn is not set for this type of entry, trying to get the default basedn. 2014-12-27 08:02:26 mediawiki-Test_: Entering getBaseDN 2014-12-27 08:02:26 mediawiki-Test_: basedn is dc=ct,dc=rp,dc=abc,dc=in  dc=eo,dc=rp,dc=abc,dc=in 2014-12-27 08:02:26 mediawiki-Test_: Using base: dc=ct,dc=rp,dc=abc,dc=in  dc=eo,dc=rp,dc=abc,dc=in 2014-12-27 08:02:26 mediawiki-Test_: Couldn't find an entry 2014-12-27 08:02:26 mediawiki-Test_: userdn is: 2014-12-27 08:02:26 mediawiki-Test_: User DN is blank 2014-12-27 08:02:26 mediawiki-Test_: Entering strict. 2014-12-27 08:02:26 mediawiki-Test_: Returning false in strict. 2014-12-27 08:02:26 mediawiki-Test_: Entering allowPasswordChange 2014-12-27 08:02:26 mediawiki-Test_: Entering modifyUITemplate 2014-12-27 08:02:26 mediawiki-Test_: Allowing the local domain, adding it to the list.

Regards, Varad