I am trying to migrate from IIS to CentOS apache, but I am having issues with LDAP. My original config worked with Remote Auth, but this seems more complicated in Linux.
If I run ' php extensions/LDAPProvider/maintenance/ShowUserInfo.php --domain mydomain --username 1234567' I get results back fine. But if I try and sign in with pluggable auth I get the error 'Could not fetch required user info to complete login' and no LDAP logs are generated.
wfLoadExtension( 'PluggableAuth' );
wfLoadExtension( 'LDAPAuthentication2' );
wfLoadExtension( 'LDAPAuthorization' );
wfLoadExtension( 'LDAPProvider' );
wfLoadExtension( 'LDAPUserInfo' );
wfLoadExtension( 'LDAPGroups' );
$LDAPAuthorizationAutoAuthRemoteUserStringParser = 'domain-backslash-username';
$LDAPAuthentication2UsernameNormalizer = 'strtolower';
$LDAPAuthentication2AllowLocalLogin = false;
# $wgAuthRemoteuserAllowUserSwitch = false;
$wgPluggableAuth_EnableLocalLogin = false;
$wgDebugLogGroups['LDAPUserInfo'] = "/var/www/mydomain.my.com/log/DAPUserInfo.log";
$wgDebugLogGroups['LDAPGroups'] = "/var/www/mydomain.my.com/log/LDAPGroups.log";
$LDAPProviderDomainConfigProvider = function() {
$config = [
'mydomain' => [
'connection' => [
"server" => "dc.mydomain.my.com",
"user" => "CN=Media Wiki,CN=Managed Service Accounts,DC=mydomain,DC=my,DC=com",
"pass" => "xxxxxxxxxxx",
"options" => [
"LDAP_OPT_DEREF" => 1
],
"basedn" => "DC=mydomain,DC=my,DC=com",
"groupbasedn" => "DC=mydomain,DC=my,DC=com",
"userbasedn" => "DC=mydomain,DC=my,DC=com",
"searchattribute" => "samaccountname",
"usernameattribute" => "samaccountname",
"realnameattribute" => "displayname",
"grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory"
],
'authorization' => [
'rules' => [
'groups' => [
'required' => [
"CN=My Grup,DC=mydomain,DC=my,DC=com"
]
]
]
],
'userinfo' => [
'attributes-map' => [
'realname' => 'fullname'
]
],
'groupsync' => [
"mechanism" => "mappedgroups",
"mapping" => [
"sysop" => "CN=My Grup,DC=mydomain,DC=my,DC=com"
]
]
]
];
return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );
};
Any ideas?