Topic on Extension talk:LDAP Authentication

Incorrect Password Error

16 comments • 02:18, 10 July 2015 8 years ago
16
Wscwiki (talkcontribs)

Hi

I have mediaWiki set up in a WAMP environment all running on the same server, when I try to login I get the error message Incorrect Password. I have followed a few of the recommended options for this issue but still cannot get past this. Currently my LocalSettings.php file looks like this:


LocalSettings.php 

require_once("$IP/extensions/ldap/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDebug = 3;

$wgDebugLogFile = "C:\log.txt";

$wgLDAPDomainNames = array( "WSCCLGE" );

$wgLDAPServerNames = array( "WSCCLGE" => "dc1.wscclge.nsw.edu.au" );

$wgLDAPSearchStrings = array("WSCCLGE" => "uid=USER-NAME,ou=College Users,dc=wscclge,dc=nsw,dc=edu,dc=au" );

$wgLDAPBaseDNs = array("WSCCLGE" => "dc=wscclge,dc=nsw,dc=edu,dc=au" );

$wgLDAPProxyAgent = array("WSCCLGE" => "cn=wiki,ou=Service Accounts,dc=wscclge,dc=nsw,dc=gov,dc=au" );

$wgLDAPProxyAgentPassword = array( "WSCCLGE", "P@55w0rdG03sH3r3" );

$wgLDAPUseLocal = false;

$wgMinimalPasswordLength = 1;

I am running this under Windows 2003 R2 server. The PHP directory is located under the PATH environment, I've ensured that PHP.ini has the extension=ldap.dll uncommented. What else am I missing ?


Thanks

Reply Edited by Wargo 13:05, 13 October 2013 10 years ago
Eva~mediawikiwiki (talkcontribs)

Hello ,
I have the same problem
my configuration : PHP 5.2.11, Apache 2.2.11 , MySQL 5.1.36, LDAP Authentication Plugin (Version 1.2c)
I work on windows xp, with wampserver
I work whith OpenLDAP which is runnig on ldap://localhost:389
and Mediawiki run on wampserver : http://localhost/mediawiki/index.php/Accueil

LocalSettings.php 

require_once( "$IP/extensions/LDAP/LdapAuthentication.php" ); 
$wgAuth = new LdapAuthenticationPlugin(); 
$wgLDAPDomainNames = array( "LOCALLDAP" ); 
$wgLDAPServerNames = array( "LOCALLDAP"=>"my-domain.com" ); 
$wgLDAPUseLocal = true; 
$wgLDAPEncryptionType = array( "LOCALLDAP"=>"clear" ); 
$wgLDAPPort = array("LOCALLDAP"=>389);
$wgLDAPSearchStrings = array( "LOCALLDAP" => "LOCALLDAP\\USER-NAME" );
$wgLDAPGroupNameAttribute = array("OURDOMAIN"=>"cn");
$wgLDAPUserBaseDNs = array("LOCALLDAP"=>"ou=Utilisateurs,ou=Personnes,dc=my-domain,dc=com");   
$wgLDAPDisableAutoCreate = array("LOCALLDAP"=>false);
$wgMinimalPasswordLength = 1;
$wgLDAPDebug = 3;
$wgDebugLogFile = "C:\log.txt";
$wgLDAPBaseDNs = array("LOCALLDAP" => "dc=my-domain,dc=com" );
$wgDebugLogGroups["ldap"] = "/tmp/debug.log" ;
$wgLDAPGroupBaseDNs = array( "LOCALLDAP"=>"ou=Groupes,dc=my-domain,dc=com" );

Debug.log 

2010-06-28 08:49:37  bd_mediawiki: Entering validDomain
2010-06-28 08:49:37  bd_mediawiki: User is not using a valid domain.
2010-06-28 08:49:37  bd_mediawiki: Setting domain as: invaliddomain
2010-06-28 08:49:37  bd_mediawiki: Entering allowPasswordChange
2010-06-28 08:49:37  bd_mediawiki: Entering modifyUITemplate
2010-06-28 08:49:37  bd_mediawiki: Allowing the local domain, adding it to the list.
2010-06-28 08:49:53  bd_mediawiki: Entering validDomain
2010-06-28 08:49:53  bd_mediawiki: User is using a valid domain.
2010-06-28 08:49:53  bd_mediawiki: Setting domain as: LOCALLDAP
2010-06-28 08:49:53  bd_mediawiki: Entering getCanonicalName
2010-06-28 08:49:53  bd_mediawiki: Username isn't empty.
2010-06-28 08:49:53  bd_mediawiki: Munged username: Admin1
2010-06-28 08:49:53  bd_mediawiki: Entering userExists
2010-06-28 08:49:53  bd_mediawiki: 
2010-06-28 08:49:53  bd_mediawiki: Entering authenticate
2010-06-28 08:49:53  bd_mediawiki: 
2010-06-28 08:49:53  bd_mediawiki: Entering Connect
2010-06-28 08:49:53  bd_mediawiki: It looks like you are missing LDAP support; please ensure you have either compiled LDAP support in, or have enabled the module. If the authentication is working for you, the plugin isn't properly detecting the LDAP module, and you can safely ignore this message.
2010-06-28 08:49:53  bd_mediawiki: Failed to connect
2010-06-28 08:49:53  bd_mediawiki: Entering allowPasswordChange
2010-06-28 08:49:53  bd_mediawiki: Entering modifyUITemplate
2010-06-28 08:49:53  bd_mediawiki: Allowing the local domain, adding it to the list.
2010-06-28 08:50:02  bd_mediawiki: Entering validDomain
2010-06-28 08:50:02  bd_mediawiki: User is using a valid domain.
2010-06-28 08:50:02  bd_mediawiki: Setting domain as: LOCALLDAP
2010-06-28 08:50:02  bd_mediawiki: Entering getCanonicalName
2010-06-28 08:50:02  bd_mediawiki: Username isn't empty.
2010-06-28 08:50:02  bd_mediawiki: Munged username: Eva
2010-06-28 08:50:02  bd_mediawiki: Entering authenticate
2010-06-28 08:50:02  bd_mediawiki: 
2010-06-28 08:50:02  bd_mediawiki: Entering Connect
2010-06-28 08:50:02  bd_mediawiki: It looks like you are missing LDAP support; please ensure you have either compiled LDAP support in, or have enabled the module. If the authentication is working for you, the plugin isn't properly detecting the LDAP module, and you can safely ignore this message.
2010-06-28 08:50:02  bd_mediawiki: Failed to connect
2010-06-28 08:50:02  bd_mediawiki: Entering strict.
2010-06-28 08:50:02  bd_mediawiki: Returning false in strict().
2010-06-28 08:50:02  bd_mediawiki: Entering updateUser
2010-06-28 08:50:02  bd_mediawiki: User didn't successfully authenticate, exiting.

I've tested the connection with 2 login

Admin1 which is an AD user but not he has no account in the wiki
Eva which is an AD user but she has an account int the wiki as a sysop


I don't know what to do. Could you help me please
thanks

This post was posted by Eva~mediawikiwiki, but signed as Eva.

Reply Edited by Flow talk page manager 02:18, 10 July 2015 8 years ago
Ryan lane (talkcontribs)

The debug log specifically says this:

It looks like you are missing LDAP support; please ensure you have either compiled LDAP support in, or have enabled the module. If the authentication is working for you, the plugin isn't properly detecting the LDAP module, and you can safely ignore this message.

You need to ensure the LDAP module is enabled...

Reply 15:17, 28 June 2010 13 years ago
120.62.191.123 (talkcontribs)

Hello Ryan,

I have installed php-ldap even also am getting the same error "it looks like you are missing LDAP support; please ensure you have either compiled LDAP support in, or have enabled the module. If the authentication is working for you, the plugin isn't properly detecting the LDAP module, and you can safely ignore this message." what i have to do ?

Thanks & best Regards

Ramkee.M

Reply 17:17, 16 August 2014 9 years ago
Ryan lane (talkcontribs)

Also, you have a different problem than the parent thread. When posting problems, you really shouldn't hijack someone else's thread, but should create your own. (I'm going to move yours into a new thread).

Reply 15:18, 28 June 2010 13 years ago
Ryan lane (talkcontribs)

Well, I would, but liquid threads isn't working for me right now :).

Reply 15:28, 28 June 2010 13 years ago
Ryan lane (talkcontribs)

Please post your debug log. Btw, ensure you snip out sensitive information.

Note that in your current configuration, you are using TLS encryption, which is what you want to do, but is likely causing your problem. Check out the requirements section for Windows, to check your configuration.

Reply 15:15, 28 June 2010 13 years ago
Wscwiki (talkcontribs)

Thanks Ryan, attached is the log file

Start request
POST /wikitesting/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=Main_Page
Accept: */*
Referer: http://localhost/wikitesting/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=Main_Page
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)
Host: localhost
Content-Length: 122
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: wikitestingdb_session=814a504f291c07d46a550624fdb10518
Main cache: FakeMemCachedClient
Message cache: MediaWikiBagOStuff
Parser cache: MediaWikiBagOStuff
session_set_cookie_params: "0", "/", "", "", "1"
Fully initialised
Unstubbing $wgContLang on call of $wgContLang::checkTitleEncoding from WebRequest::getGPCVal
Language::loadLocalisation(): got localisation for en from source
Unstubbing $wgOut on call of $wgOut::setArticleRelated from SpecialPage::setHeaders
Unstubbing $wgMessageCache on call of $wgMessageCache::get from wfMsgGetKey
Unstubbing $wgLang on call of $wgLang::getCode from wfGetLangObj
Unstubbing $wgUser on call of $wgUser::getOption from StubUserLang::_newObject
Connecting to localhost wikitestingdb...
IP: 127.0.0.1
Connected
MessageCache::load: Loading en... got from global cache
Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache::transform
Connecting to localhost wikitestingdb...
Connected
LoginForm::attemptAutoCreate: $wgAuth->authenticate() returned false, aborting
Class SkinMonobook not found; skipped loading
OutputPage::sendCacheControl: private caching;  **
Request ended normally

Hope this helps. Thanks

Reply Edited by Wargo 13:07, 13 October 2013 10 years ago
Ryan lane (talkcontribs)

Sorry, I meant the ldap debug log. Specifically, the one you have in your config:

$wgDebugLogGroups["ldap"] = "/tmp/debug.log";
Reply 01:04, 29 June 2010 13 years ago
Wscwiki (talkcontribs)

OK, i must have a configuration issue somewhere my debug.log file is not being created. Must have missed something along the way.

OK got it going now here is the debug.log file.

2010-06-29 01:14:23  wikitestingdb: Allowing the local domain, adding it to the list.
2010-06-29 01:32:54  wikitestingdb: Entering validDomain
2010-06-29 01:32:54  wikitestingdb: User is not using a valid domain.
2010-06-29 01:32:54  wikitestingdb: Setting domain as: invaliddomain
2010-06-29 01:32:54  wikitestingdb: Entering allowPasswordChange
2010-06-29 01:32:54  wikitestingdb: Entering modifyUITemplate
2010-06-29 01:33:02  wikitestingdb: Entering validDomain
2010-06-29 01:33:02  wikitestingdb: User is using a valid domain.
2010-06-29 01:33:02  wikitestingdb: Setting domain as: {DOMAINNAME}
2010-06-29 01:33:02  wikitestingdb: Entering getCanonicalName
2010-06-29 01:33:02  wikitestingdb: Username isn't empty.
2010-06-29 01:33:02  wikitestingdb: Munged username: {USERNAME}
2010-06-29 01:33:02  wikitestingdb: Entering userExists
2010-06-29 01:33:02  wikitestingdb: 
2010-06-29 01:33:02  wikitestingdb: Entering authenticate
2010-06-29 01:33:02  wikitestingdb: 
2010-06-29 01:33:02  wikitestingdb: Entering Connect
2010-06-29 01:33:02  wikitestingdb: Using SSL
2010-06-29 01:33:02  wikitestingdb: Using servers:  ldaps://{DOMAIN CONTROLLER}
2010-06-29 01:33:02  wikitestingdb: Connected successfully
2010-06-29 01:33:02  wikitestingdb: Entering getSearchString
2010-06-29 01:33:02  wikitestingdb: Doing a straight bind
2010-06-29 01:33:02  wikitestingdb: userdn is: {DOMAINNAME}\{USERNAME}
2010-06-29 01:33:02  wikitestingdb: 
2010-06-29 01:33:02  wikitestingdb: Binding as the user
2010-06-29 01:33:03  wikitestingdb: Failed to bind as {DOMAINNAME}\{USERNAME}
2010-06-29 01:33:03  wikitestingdb: with password: {USERPASSWORD}
2010-06-29 01:33:03  wikitestingdb: Entering allowPasswordChange
2010-06-29 01:33:03  wikitestingdb: Entering modifyUITemplate
Reply Edited by Wargo 13:08, 13 October 2013 10 years ago
Wscwiki (talkcontribs)

Thanks Ryan I have figured this out and now have it working.

Reply 04:31, 29 June 2010 13 years ago
Ryan lane (talkcontribs)

Oh. Good. What was the problem?

Reply 18:25, 29 June 2010 13 years ago
203.35.171.178 (talkcontribs)

I saw in the notes that I had missed the ldap.conf file that was hardcoded somewhere as soon as that was added it all worked ok.

Great plug in thanks for the help, now I'll have to see if i can get single sign on working with it :) !

Reply 23:53, 29 June 2010 13 years ago
193.11.44.140 (talkcontribs)

I have a similar problem. Im getting the missing ldap support message. Tried to find a ldap.conf file but none is to be found, could this be the problem?

Reply 10:02, 30 June 2010 13 years ago
Ryan lane (talkcontribs)

If you are on windows? Yes. If you are on Linux, it still may be an issue, but it should be fairly easy to find it there. Read the requirements page.

Reply 13:12, 30 June 2010 13 years ago
Ramkee (talkcontribs)

Hi, can you tell me how did you configured ldap.conf, so that i can able fix my issue also

Reply 11:17, 18 August 2014 9 years ago
Reply to "Incorrect Password Error"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Pf2eey2keiqxd458"