Thread:Project:Support desk/LDAP Binding issues

Hi All,

Hopefully someone can help me. I've been having this issue for a while now and I can't seem to solve it. First, I have LDAP connecting with my AD server just fine, but when it comes to binding, that's a different story. Here are my specs:

MediaWiki 1.18.1
PHP 5.3.2-1ubuntu4.10 (apache2handler)
MySQL 5.1.41-3ubuntu12.10

Here's my LDAP code from my LocalSettings.php file:

''require_once("$IP/extensions/LdapAuthentication/LdapAuthentication.php");
$wgAuth = new LdapAuthenticationPlugin;

$wgLDAPDomainNames = array("thy");
$wgLDAPServerNames = array("thy" => "sword.thy.thunderenergy.com");
$wgLDAPLowerCaseUsername = array("thy" => true);

$wgLDAPUseLocal = false;
$wgLDAPAddLDAPUsers = array("LDAP" => false);
$wgLDAPUpdateLDAP = array("LDAP" => false);

$wgLDAPEncryptionType = array("thy" => "ssl");
$wgLDAPSearchStrings = array( "thy" => "USER-NAME\\thy" );

$wgShowExceptionDetails = true;
$wgLDAPDebug = 3;
$wgDebugLogGroups["ldap"] = "/tmp/debug.log";''

and here's the debug.log file:

''2012-02-22 19:02:33 SwordTestDB: 1.2e Entering validDomain
2012-02-22 19:02:33 SwordTestDB: 1.2e User is using a valid domain (thy).
2012-02-22 19:02:33 SwordTestDB: 1.2e Setting domain as: thy
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: Colins
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: 200.200.200.xxx
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: 200.200.200.xxx
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: 200.200.200.xxx
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: Colins
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getCanonicalName
2012-02-22 19:02:33 SwordTestDB: 1.2e Username isn't empty.
2012-02-22 19:02:33 SwordTestDB: 1.2e Munged username: 200.200.200.xxx
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering userExists
2012-02-22 19:02:33 SwordTestDB: 1.2e
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering authenticate
2012-02-22 19:02:33 SwordTestDB: 1.2e
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering Connect
2012-02-22 19:02:33 SwordTestDB: 1.2e Using SSL
2012-02-22 19:02:33 SwordTestDB: 1.2e Using servers:  ldaps://sword.thy.thunderenergy.com
2012-02-22 19:02:33 SwordTestDB: 1.2e Connected successfully
2012-02-22 19:02:33 SwordTestDB: 1.2e Lowercasing the username: Colins
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering getSearchString
2012-02-22 19:02:33 SwordTestDB: 1.2e Doing a straight bind
2012-02-22 19:02:33 SwordTestDB: 1.2e userdn is: colins\thy
2012-02-22 19:02:33 SwordTestDB: 1.2e
2012-02-22 19:02:33 SwordTestDB: 1.2e Binding as the user
2012-02-22 19:02:33 SwordTestDB: 1.2e trying to bind calling:
2012-02-22 19:02:33 SwordTestDB: 1.2e  ldap_bind(conn_handle=Resource id #115, userdn=colins\thy, password=xxxxx)..
2012-02-22 19:02:33 SwordTestDB: 1.2e  ldap_bind(...) failed.
2012-02-22 19:02:33 SwordTestDB: 1.2e  LDAP_Error Code : Can't contact LDAP server
2012-02-22 19:02:33 SwordTestDB: 1.2e  LDAP Error Msg  : Can't contact LDAP server
2012-02-22 19:02:33 SwordTestDB: 1.2e  LDAP Extended ErrorMsg: A TLS packet with unexpected length was received.
2012-02-22 19:02:33 SwordTestDB: 1.2e Failed to bind as colins\thy
2012-02-22 19:02:33 SwordTestDB: 1.2e with password: xxxxx
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering allowPasswordChange
2012-02-22 19:02:33 SwordTestDB: 1.2e Entering modifyUITemplate ''

I'd like to say for the record, I'm a programmer and not a network guy. That being said, I have little experience dealing with servers (AD or otherwise). It's just frustrating that I can't solve this simple issue. Anyways, thanks in advance. Cheers.
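
An added example, not part of the original post and not code from the LdapAuthentication extension: a Python script that reads debug.log lines in the format shown above, reports at which layer the bind failed, and masks the `password` fields so the log can be shared safely. The function name `summarize`, the summary keys and the `[REDACTED]` marker are this example's own assumptions; the sample lines are a constructed subset of the log in the post.

```python
import re

# Constructed sample: a subset of the debug.log lines shown in the post.
SAMPLE_LOG = r"""
2012-02-22 19:02:33 SwordTestDB: 1.2e Using servers:  ldaps://sword.thy.thunderenergy.com
2012-02-22 19:02:33 SwordTestDB: 1.2e Connected successfully
2012-02-22 19:02:33 SwordTestDB: 1.2e userdn is: colins\thy
2012-02-22 19:02:33 SwordTestDB: 1.2e
2012-02-22 19:02:33 SwordTestDB: 1.2e  ldap_bind(conn_handle=Resource id #115, userdn=colins\thy, password=xxxxx)..
2012-02-22 19:02:33 SwordTestDB: 1.2e  ldap_bind(...) failed.
2012-02-22 19:02:33 SwordTestDB: 1.2e  LDAP Error Msg  : Can't contact LDAP server
2012-02-22 19:02:33 SwordTestDB: 1.2e  LDAP Extended ErrorMsg: A TLS packet with unexpected length was received.
2012-02-22 19:02:33 SwordTestDB: 1.2e with password: xxxxx
"""

# Line layout seen in the post: timestamp, wiki id, extension version, optional message.
LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\S+): (\S+)\s*(.*)$")
SECRET = re.compile(r"(password\s*[=:]\s*)([^\s,)]+)", re.IGNORECASE)
FIELDS = {"Using servers": "servers", "userdn is": "userdn",
          "LDAP Error Msg": "error", "LDAP Extended ErrorMsg": "extended"}

def summarize(log):
    """Summarise one bind attempt and mask password fields for safe sharing."""
    s = {"servers": None, "userdn": None, "error": None, "extended": None,
         "bind_failed": False, "secret_lines": 0, "layer": None, "safe_log": []}
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip blank or foreign lines
        msg = m.group(4).strip()
        masked, hits = SECRET.subn(r"\1[REDACTED]", msg)
        s["secret_lines"] += 1 if hits else 0
        s["safe_log"].append(f"{m.group(1)} {m.group(2)}: {m.group(3)} {masked}".rstrip())
        key, sep, value = msg.partition(":")
        if sep and key.strip() in FIELDS:
            s[FIELDS[key.strip()]] = value.strip()
        elif msg.startswith("ldap_bind(") and msg.endswith("failed."):
            s["bind_failed"] = True
    # A TLS-layer message on a failed bind points at the transport, not at a rejected password.
    if s["bind_failed"]:
        s["layer"] = "tls" if "TLS" in (s["extended"] or "") else "ldap"
    return s

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print({k: v for k, v in result.items() if k != "safe_log"})
```

A non-zero `secret_lines` count means the debug log is recording bind passwords, which matters here because the configuration writes it to `/tmp/debug.log`.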