Thread:Extension talk:LDAP Authentication/This is a working config to authentication somebody against AD groups.

I spent much time trying to get this to work. It turns out, it was the $wgLDAPSearchAttributes messing everything up. Once I defined that, it all came together. Enjoy! require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" ); $wgAuth = new LdapAuthenticationPlugin; $wgLDAPDomainNames = array('DOMAINNAME'); $wgLDAPServerNames = array('DOMAINNAME' => 'sj-dc-05.DOMAINNAME.com'); $wgLDAPSearchStrings = array('DOMAINNAME' => 'DOMAINNAME\\USER-NAME'); $wgLDAPGroupObjectclass = array("DOMAINNAME"=>"group"); $wgLDAPGroupAttribute = array("DOMAINNAME"=>"member"); $wgLDAPGroupNameAttribute = array("DOMAINNAME"=>"cn"); $wgLDAPGroupsUseMemberOf = array("DOMAINNAME"=>false); $wgLDAPGroupUseFullDN = array("DOMAINNAME"=>true); $wgLDAPEncryptionType = array('DOMAINNAME' => 'clear'); $wgLDAPDebug = 3; $wgDebugLogGroups["ldap"] = "/tmp/debug.log" ; $wgLDAPGroupSearchNestedGroups = array("DOMAINNAME"=>false); $wgLDAPBaseDNs = array( "DOMAINNAME"=>"dc=DOMAINNAME,dc=com" ); $wgLDAPPreferences = array("DOMAINNAME"=>array( "email"=>"mail","realname"=>"cn","nickname"=>"samaccountname")); $wgLDAPRequiredGroups = array("DOMAINNAME"=>array("CN=swiki-verified,OU=Users,OU=ADC,DC=DOMAINNAME,DC=com")); $wgLDAPSearchAttributes = array( 'DOMAINNAME' => 'sAMAccountName' ); $wgLDAPUseLocal = false;