Topic on Extension talk:LDAP Authentication

I can't create user account with Ldap extension

1
Teokraba (talkcontribs)

Hi all,

thanks Ryan for this great extension, very useful and simple to use!

I run mediawiki for a small department in a big IT company and, now, for a transitional times I need to use local & LDAP user. Not all users in LDAP can login to my Mediawiki, only user added by me in local DB (before installing/configuring LDAP extension) can log in and autocreate is disabled. For example John Doe can log in with 2 user: JohnDoe and AB123456 (the ID of LDAP) and in user table I've JohnDoe and AB123456 entry.

After this first run of configuration I need to add other users by hand but createAndPromote scripts fail...I've read THIS post but it's from 2010 and the code is changed...and I don't know PHP as well:)

Version:

MediaWiki 1.20.3
PHP 5.3.3-7+squeeze15 (apache2handler)
MySQL 5.1.49-3-log
LDAP Authentication Plugin (Versione 2.0d)

My LocalSettings.php:

$wgGroupPermissions['*']['createaccount'] = false;
...
require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( 'mydomain.local' );
$wgLDAPServerNames = array( 'mydomain.local' => '10.10.10.11' );
$wgLDAPPort = array( 'mydomain.local' => 3268);
$wgLDAPSearchAttributes = array( 'mydomain.local' => 'sAMAccountName' );
$wgLDAPBaseDNs = array( 'mydomain.local' => 'DC=mydomain,DC=local' );
$wgLDAPSearchStrings = array( 'mydomain.local' => "MYDOMAIN\\USER-NAME" );
$wgLDAPEncryptionType = array( 'mydomain.local' => 'clear' );
//using local & LDAP DB
$wgLDAPUseLocal = true;
$wgLDAPAddLDAPUsers = array( 'mydomain.local' => false);
$wgLDAPUpdateLDAP = array( 'mydomain.local' => false);
$wgLDAPWriterPassword = array( 'mydomain.local' => false);
$wgLDAPWriterDN = array( 'mydomain.local' => false);
$wgLDAPPreferences = array( 'mydomain.local'=>array( "email"=>"mail", "realname"=>"displayname","nickname"=>"givenname") );
$wgLDAPDisableAutoCreate = array( 'mydomain.local' => true);
$wgLDAPDebug = 6;
$wgDebugLogGroups["ldap"] = "log_debugLDAP.txt";

CreateAndPromote output:

php maintenance/createAndPromote.php TestUser testpass                                                                                  
wiki: Creating and promoting User:TestUser...Non è possibile modificare le password su questo wiki. (you can't modify the password in this wiki)
Backtrace:
#0 /var/www/wiki/maintenance/createAndPromote.php(58): User->setPassword('testpass')
#1 /var/www/wiki/maintenance/doMaintenance.php(110): CreateAndPromote->execute()
#2 /var/www/wiki/maintenance/createAndPromote.php(84): require_once('/var/www/wi...')
#3 {main}

and the SQL trace is:

Start command line script maintenance/createAndPromote.php
CACHES: EmptyBagOStuff[main] SqlBagOStuff[message] SqlBagOStuff[parser]
Class LanguageIt not found; skipped loading
LocalisationCache: using store LCStore_DB
Connecting to localhost wiki...
Profiler::instance called with bogus $wgProfiler setting, falling back to ProfilerStub for safety
Query wiki (1) (slave): SET /* DatabaseMysql::open  */ NAMES utf8
Query wiki (2) (slave): SET /* DatabaseMysql::open  */ sql_mode = 
Connected to localhost wiki.
Query wiki (3) (slave): SELECT /* LCStore_DB::get  */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'deps'  LIMIT 1  
Query wiki (4) (slave): SELECT /* LCStore_DB::get  */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'list'  LIMIT 1  
Query wiki (5) (slave): SELECT /* LCStore_DB::get  */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'preload'  LIMIT 1  
Query wiki (6) (slave): SELECT /* LCStore_DB::get  */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'preload'  LIMIT 1  
Query wiki (7) (slave): SELECT /* LCStore_DB::get  */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'fallback'  LIMIT 1  
Unstubbing $wgParser on call of $wgParser::setHook from wfSpoilerExtension
Parser: using preprocessor: Preprocessor_DOM
Query wiki (8) (slave): SELECT /* DatabaseBase::tableExists  */ 1 FROM `tw_groups` LIMIT 1
Query wiki (9) (slave): SELECT /* DatabaseBase::tableExists  */ 1 FROM `tw_namespaces` LIMIT 1
Query wiki (10) (slave): SELECT /* DatabaseBase::tableExists  */ 1 FROM `tw_privileges` LIMIT 1
Query wiki (11) (slave): SELECT /* DatabaseBase::select  */  tw_grp_name  FROM `tw_groups`   
Query wiki (12) (slave): SELECT /* DatabaseBase::select  */  *  FROM `tw_namespaces`   
Query wiki (13) (slave): SELECT /* DatabaseBase::select  */  *  FROM `tw_privileges`   
Fully initialised
IP: 127.0.0.1
Query wiki (14) (slave): SELECT /* User::idForName 127.0.0.1 */  user_id  FROM `user`  WHERE user_name = 'TestUser'  LIMIT 1  
Unstubbing $wgLang on call of $wgLang::getCode from MessageCache::get
Connecting to localhost wiki...
Query wiki (15) (slave): SET /* DatabaseMysql::open 127.0.0.1 */ NAMES utf8
Query wiki (16) (slave): SET /* DatabaseMysql::open 127.0.0.1 */ sql_mode = 
Connected to localhost wiki.
Query wiki (17) (slave): SELECT /* SqlBagOStuff::getMulti 127.0.0.1 */  keyname,value,exptime  FROM `objectcache`  WHERE keyname = 'wiki-:messages:it'  
MessageCache::load: Loading it... got from global cache
Query wiki (18) (slave): SELECT /* LCStore_DB::get 127.0.0.1 */  lc_value  FROM `l10n_cache`  WHERE lc_lang = 'it' AND lc_key = 'messages:password-change- forbidden'  LIMIT 1  

and the LDAP output:

2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getCanonicalName
2013-04-03 08:58:51 kiwi wiki: 2.0d Username is: TestUser
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getDomain
2013-04-03 08:58:51 kiwi wiki: 2.0d No domain found, returning invaliddomain
2013-04-03 08:58:51 kiwi wiki: 2.0d Munged username: TestUser
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering allowPasswordChange
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getDomain
2013-04-03 08:58:51 kiwi wiki: 2.0d No domain found, returning invaliddomain
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getDomain
2013-04-03 08:58:51 kiwi wiki: 2.0d No domain found, returning invaliddomain
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getDomain
2013-04-03 08:58:51 kiwi wiki: 2.0d No domain found, returning invaliddomain
2013-04-03 08:58:51 kiwi wiki: 2.0d Entering getDomain
2013-04-03 08:58:51 kiwi wiki: 2.0d No domain found, returning invaliddomain 

It's possible to add users to local DB? Thanks a lot, Matteo

Reply to "I can't create user account with Ldap extension"