Thread:Extension talk:LDAP Authentication/usernames modified by extension?

Hello! First of all, thanks for preparing this extension, it's really helpful.

I work at a high school that uses MS AD for LDAP authentication for Windows, Moodle and WordPress. Our students use their six-digit student ID as their username (e.g., "123456"), and they can log in to our wiki just fine. Our teachers, however, use their first initial and last name preceded by "ke_" (e.g. "ke_flast"). When a teacher tries to log in, the debug log shows that the underscore ("_") is getting stripped out of the username as it's passed to our LDAP server. Is there some way to keep $userdn from being modified? My settings work because I can authenticate with the numeric student IDs, but here's the debug log output if I try to log in as a legitimate user, "ke_flast" (sensitive stuff modified):

2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering validDomain 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a User is using a valid domain (HS). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Setting domain as: HS 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getCanonicalName 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Username isn't empty. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering Connect 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using TLS or not using encryption. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using servers: ldap://10.10.10.10:389 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getUserDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Doing a proxy bind 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Created a regular filter: (sAMAccountName=Ke flast) 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a basedn is not set for this type of entry, trying to get the default basedn. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using base: ou=HS Users,dc=HS,dc=city,dc=k12,dc=zz,dc=us 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Couldn't find an entry 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Munged username: Ke flast 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getCanonicalName 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Username isn't empty. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering Connect 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using TLS or not using encryption. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using servers: ldap://10.10.10.10:389 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getUserDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Doing a proxy bind 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Created a regular filter: (sAMAccountName=123.45.67.89) 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a basedn is not set for this type of entry, trying to get the default basedn. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using base: ou=HS Users,dc=HS,dc=city,dc=k12,dc=zz,dc=us 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Couldn't find an entry 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Munged username: 123.45.67.89 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getCanonicalName 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Username isn't empty. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering Connect 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using TLS or not using encryption. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using servers: ldap://10.10.10.10:389 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getUserDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Doing a proxy bind 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Created a regular filter: (sAMAccountName=123.45.67.89) 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a basedn is not set for this type of entry, trying to get the default basedn. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using base: ou=HS Users,dc=HS,dc=city,dc=k12,dc=zz,dc=us 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Couldn't find an entry 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Munged username: 123.45.67.89 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getCanonicalName 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Username isn't empty. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering Connect 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using TLS or not using encryption. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using servers: ldap://10.10.10.10:389 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getUserDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Doing a proxy bind 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Created a regular filter: (sAMAccountName=123.45.67.89) 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a basedn is not set for this type of entry, trying to get the default basedn. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getBaseDN 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using base: ou=HS Users,dc=HS,dc=city,dc=k12,dc=zz,dc=us 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Couldn't find an entry 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Fetched username is not a string (check your hook code...). This message can be safely ignored if you do not have the SetUsernameAttributeFromLDAP hook defined. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Munged username: 123.45.67.89 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering userExists 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering authenticate for username Ke flast 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering Connect 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using TLS or not using encryption. 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Using servers: ldap://10.10.10.10:389 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering getSearchString 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Doing a straight bind 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a userdn is: HS\Ke flast 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Binding as the user 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Failed to bind as HS\Ke flast 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering allowPasswordChange 2012-09-27 01:30:03 www.highschool.net wiki: 2.0a Entering modifyUITemplate

I have some PHP programming experience so I have no problem getting into the code to modify it so that it stops turning "ke_flast" into "Ke flast", but I don't know where to find that. Any help would be appreciated!

-Chris