Thread:Extension talk:LDAP Authentication/Mediawiki authentication to W2K8 LDAP

Hi all ..... i am beginner with this issues ....

I use MediaWiki 1.16.2 on W2K3 Server with IIS 6.0 / MySQL 5.1.33  /  PHP 5.2.9  /  LDAPAuthentication-MW1.16-r61987  / Domain FQDN = bs.privat

In moment MediaWiki works with local authentication but i will use a authentikation to my W2k8 Domain controller and all Users in one group can login to MW.

If i am use the following config in localsettings.php, i can not login with local and domain accounts.

I have no plan what i can do ... please ... have anyone a idea for me ...

MY config

require_once('extensions/LdapAuthentication.php');
 * 1) LDAP Authentication Configuration

$wgAuth = new LdapAuthenticationPlugin;

$wgLDAPDomainNames = array("bs");

$wgLDAPServerNames = array("bs" => "obelix.bs.privat");

$wgLDAPEncryptionType = array('bs' => 'clear');

$wgLDAPSearchStrings = array("bs" => "uid=USER-NAME,ou=users,dc=bs,dc=privat");

$wgLDAPUseLocal = true;

$wgLDAPAddLDAPUsers = true;

$wgLDAPUpdateLDAP = true;

$wgLDAPMailPassword = false;

$wgLDAPRetrievePrefs = true;

$wgMinimalPasswordLength = 1;

$wgLDAPRequiredGroups = array("bs" => array("cn=wikiuser"));

$wgLDAPGroupUseFullDN = array("bs" => true);

$wgLDAPGroupObjectclass = array("bs" => "groupofuniquenames");

$wgLDAPGroupAttribute = array("bs" => "uniqueMember");

$wgLDAPGroupSearchNestedGroups = array("bs" => true);

$wgLDAPGroupNameAttribute = array("bs" => "cn");

$wgLDAPBaseDNs = array("bs" => "dc=bs,dc=privat");

$wgGroupPermissions['*']['edit']             = false;

$wgAutopromote['emailconfirmed'] = APCOND_EMAILCONFIRMED;


 * 1) DEBUG

$wgLDAPDebug 				= 5; //for debugging LDAP

$wgShowExceptionDetails 		= true; //for debugging MediaWiki

$wgDebugLogGroups["ldap"] 		= 'c:/ldap_debug.log';

DEBUGLOG

2011-02-13 18:34:07 wikidb: Entering validDomain

2011-02-13 18:34:07 wikidb: User is using a valid domain.

2011-02-13 18:34:07 wikidb: Setting domain as: bs

2011-02-13 18:34:07 wikidb: Entering getCanonicalName

2011-02-13 18:34:07 wikidb: Username isn't empty.

2011-02-13 18:34:07 wikidb: Munged username: Bernie

2011-02-13 18:34:07 wikidb: Entering authenticate

2011-02-13 18:34:07 wikidb:

2011-02-13 18:34:07 wikidb: Entering Connect

2011-02-13 18:34:07 wikidb: Using TLS or not using encryption.

2011-02-13 18:34:07 wikidb: Using servers:  ldap://obelix.bs.privat

2011-02-13 18:34:07 wikidb: Connected successfully

2011-02-13 18:34:07 wikidb: Entering getSearchString

2011-02-13 18:34:07 wikidb: Doing a straight bind

2011-02-13 18:34:07 wikidb: userdn is: uid=Bernie,ou=users,dc=bs,dc=privat

2011-02-13 18:34:07 wikidb:

2011-02-13 18:34:07 wikidb: Binding as the user

2011-02-13 18:34:07 wikidb: Bound successfully

2011-02-13 18:34:07 wikidb: Entering getGroups

2011-02-13 18:34:07 wikidb: Retrieving LDAP group membership

2011-02-13 18:34:07 wikidb: Searching for the groups

2011-02-13 18:34:07 wikidb: Entering searchGroups

2011-02-13 18:34:07 wikidb: Entering getBaseDN

2011-02-13 18:34:07 wikidb: basedn is not set for this type of entry, trying to get the default basedn.

2011-02-13 18:34:07 wikidb: Entering getBaseDN

2011-02-13 18:34:07 wikidb: basedn is dc=bs,dc=privat

2011-02-13 18:34:07 wikidb: Search string: (&(uniqueMember=uid=Bernie,ou=users,dc=bs,dc=privat)(objectclass=groupofuniquenames))

2011-02-13 18:34:07 wikidb: Returned groups:

2011-02-13 18:34:07 wikidb: Entering searchNestedGroups

2011-02-13 18:34:07 wikidb: No more groups to search.

2011-02-13 18:34:07 wikidb: Got the following nested groups:

2011-02-13 18:34:07 wikidb: Entering checkGroups

2011-02-13 18:34:07 wikidb: Checking for (new style) group membership

2011-02-13 18:34:07 wikidb: Required groups: cn=wikiuser,cn=all_user

2011-02-13 18:34:07 wikidb: Couldn't find the user in any groups.

2011-02-13 18:34:07 wikidb: Entering strict.

2011-02-13 18:34:07 wikidb: Returning false in strict.

2011-02-13 18:34:07 wikidb: Entering allowPasswordChange

2011-02-13 18:34:07 wikidb: Entering modifyUITemplate

2011-02-13 18:34:07 wikidb: Allowing the local domain, adding it to the list.