Topic on Extension talk:LDAP Authentication

LDAP Authentication fails with SSL Encryption

5 comments • 11:14, 8 March 2017 7 years ago
5
Dturtill (talkcontribs)

I am trying to configure LDAP Authentication with my AD server if i have the encryption set to clear it works fine however when i change this to ssl it fails to bind

Product Version
MediaWiki 1.28.0
PHP 5.6.30-0+deb8u1 (apache2handler)
MySQL 5.5.54-0+deb8u1
Reply 14:39, 7 March 2017 7 years ago
Dturtill (talkcontribs)

config is as below

require_once( “$IP/extensions/LdapAuthentication/LdapAuthentication.php” );

$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array( “mydomain” );

$wgLDAPServerNames = array( “mydomain”=>”server.mydomain.cmydomainltd.co.uk”  );

$wgLDAPUseLocal = false;

 $wgLDAPSearchStrings = array('mydomain' => 'mydomain\\USER-NAME',);

$wgLDAPEncryptionType = array( “mydomain”=>”clear” );

$wgLDAPBaseDNs = array( “mydomain”=>”ou=mydomain,dc=mydomain,dc=cmydomainltd,dc=co,dc=uk” );

$wgLDAPSearchAttributes = array( “mydomain”=>”sAMAccountName” );

$wgLDAPGroupUseFullDN = array( “mydomain”=>true );

$wgLDAPLowerCaseUsername = array( “mydomain”=>true );

$wgLDAPGroupObjectclass = array( “mydomain”=>”group” );

$wgLDAPGroupAttribute = array( “mydomain”=>”member” );

$wgLDAPGroupNameAttribute = array( “mydomain”=>”cn” );

$wgLDAPGroupBaseDNs = array( “mydomain”=>”ou=Groups,ou=mydomain,dc=mydomain,dc=cmydomainltd,dc=co,dc=uk” );

$wgLDAPUserBaseDNs = array( “mydomain”=>”ou=mydomain,dc=mydomain,dc=cmydomainltd,dc=co,dc=uk” );

$wgLDAPOptions = array("ad"=>array( LDAP_OPT_DEREF, 0 ));

$wgLDAPRequiredGroups = array( “mydomain”=> array(“cn=itwiki,ou=Groups,ou=mydomain,dc=mydomain,dc=cmydomainltd,dc=co,dc=uk”) );

$wgLDAPGroupSearchNestedGroups = array( “mydomain”=>true );

$wgLDAPActiveDirectory = array( "mydomain" => true);

$wgLDAPUpdateLDAP = array("DOMAIN"=>false);

$wgLDAPAddLDAPUsers = array("DOMAIN"=>false);

$wgLDAPDebug = 3;

$wgDebugLogGroups['ldap'] = "/tmp/wiki.ldap.debug-{$wgDBname}.log";

$wgShowExceptionDetails = true;

Reply 14:41, 7 March 2017 7 years ago
Dturtill (talkcontribs)

[a8aaa10042fe5e77d2cff1c2] 2017-03-08 10:07:02: Fatal exception of type "DBQueryErroru

Reply 10:08, 8 March 2017 7 years ago
Ciencia Al Poder (talkcontribs)

Try looking at the debug log for something relevant. Maybe the SSL cert is not recognized as trusted by the server and thus rejected.

Reply 10:24, 8 March 2017 7 years ago
Dturtill (talkcontribs)

With SSL on it just states Failed to Bind as (username)

with Clear on it seems to bind but then gives the Database error

Reply 11:14, 8 March 2017 7 years ago
Reply to "LDAP Authentication fails with SSL Encryption"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Tmbpbe1lwzdb2om4"