Thread:Extension talk:LDAP Authentication/Trouble with LDAP Group Authentication

When I'm not using AD Groups I can login fine. But when I enable groups I get password not found.

I have a couple of question:


 * 1) Why does it say "user is not using a valid domain" at the beginning of the log, then it seems to be changing it's mind a few lines down.
 * 2) Why does there seem to be so much back and forth in the log between the wiki and AD.

I am using PHP 5.3 and the latest version of Mediawiki on Windows Server 2008 R2

Thanks,

Wade

Configuration

Log File 2013-10-23 19:34:28  mtsitwiki: 2.0d Entering validDomain 2013-10-23 19:34:28  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:28  mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:28  mtsitwiki: 2.0d User is not using a valid domain. 2013-10-23 19:34:28  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:28  mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:28  mtsitwiki: 2.0d Setting domain as: <(OMAIN) 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering allowPasswordChange 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29  mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29  mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29  mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering modifyUITemplate 2013-10-23 19:34:29  mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:34:29 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:38 <ServerName> mtsitwiki: 2.0d Entering validDomain 2013-10-23 19:35:38 <ServerName> mtsitwiki: 2.0d User is using a valid domain (DOMAIN). 2013-10-23 19:35:38 <ServerName> mtsitwiki: 2.0d Setting domain as: DOMAIN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getCanonicalName 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Username is: Wade.courtney 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Munged username: Wade.courtney 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering authenticate for username Wade.courtney 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering Connect 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Using TLS or not using encryption. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Using servers: ldap:/<ADSERVER> ldap://<ADSERVER> 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d PHP's LDAP connect method returned true (note, this does not imply it connected to the server). 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getSearchString 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Doing a straight bind 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d userdn is: Wade.courtney@<DOMAIN> 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Binding as the user 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Bound successfully 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getUserDN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Created a regular filter: (sAMAccountName=Wade.courtney) 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getBaseDN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d basedn is not set for this type of entry, trying to get the default basedn. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getBaseDN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d basedn is not set. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Using base: 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Couldn't find an entry 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Fetched UserDN: 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getGroups 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Retrieving LDAP group membership 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Searching for the groups 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering searchGroups 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getBaseDN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d basedn is not set for this type of entry, trying to get the default basedn. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getBaseDN 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d basedn is not set. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d User Filter: (&(distinguishedName=)(objectclass=user)) 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Search string: (&(member=)(objectclass=group)) 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d No entries returned from search. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering checkGroups 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Checking for (new style) group membership 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Required groups: cn= ,ou=groups,ou=information technology,dc=<DOMAIN>,dc=com 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Couldn't find the user in any groups. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering strict. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Returning true in strict. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering allowPasswordChange 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering modifyUITemplate 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session. 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Entering getDomain 2013-10-23 19:35:39 <ServerName> mtsitwiki: 2.0d Pulling domain from session.