Topic on Extension talk:LDAP Authentication

The supplied credentials could not be authenticated.

3 comments • 16:48, 14 December 2022 1 year ago

3

Laujc (talkcontribs)

I keep getting this message when trying to login. There is no errors generate in the log. I'm using LDAPAuthentication2 version 1.0.1, LDAPProvider version 1.0.5, PluggableAuth version 6.1, MediaWiki version 1.39, and PHP 7.4.33.

By the way it was working perfectly fine under MediaWiki 1.38.4. The issue starts when I upgraded to MediaWiki 1.39.

Below is my LocalSetting.

wfLoadExtensions([ 'PluggableAuth', 'LDAPProvider', 'LDAPAuthentication2', 'WikiEditor', 'UserMerge' ]);

$LDAPProviderDomainConfigProvider = function() {

$config = [

'domain.gov' => [

'connection' => [

"server" => "ldap.domain.gov",

"port" => 636,

"user" => "cn=LDAPWIKI,ou=ldap,ou=other,ou=domain users,dc=domain,dc=gov",

"pass" => "password",

"enctype" => "ssl",

"options" => [

"LDAP_OPT_DEREF" => 1

],

"basedn" => "dc=domain,dc=gov",

"groupbasedn" => "ou=domain groups,dc=domain,dc=gov",

"userbasedn" => "dc=domain,dc=gov",

"searchattribute" => "samaccountname",

"searchstring" => "USER-NAME@domain.gov",

"usernameattribute" => "cn",

"realnameattribute" => "cn",

"emailattribute" => "mail",

"grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory"

],

'groupsync' => [

"cn=LDAPWIKI,ou=ldap,ou=other,ou=domain users,dc=domain,dc=gov"

],

'userinfo' => [

"email" => "mail",

"realname" => "cn",

"properties.gender" => "gender"

],

'authorization' => [

'rules' => [

'groups' => [

'required' => ["CN=GRP.EMP,OU=GRP,OU=DA,OU=domain Groups,DC=domain,DC=gov","CN=GRP.STAFF,OU=Auto,OU=domain Groups,DC=domain,DC=gov"]

],

]

];

return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );

};

$wgDebugLogGroups['PluggableAuth'] = 'C:\log\pluggableauth-dev.log';

$wgLDAPDebug = 3;

$wgDebugLogGroups['LDAP'] = 'C:\log\ldap-dev.log';

$wgDebugLogGroups['MediaWiki\\Extension\\LDAPProvider\\Client'] = 'C:\log\ldapprovider-dev.log';

$wgDebugLogGroups['LDAPGroups'] = 'C:\log\ldapgroups-dev.log';

$wgDebugLogGroups['LDAPUserInfo'] = 'C:\log\ldapusers-dev.log';

$wgDebugLogGroups['LDAPAuthorization'] = 'C:\log\ldapauthorization-dev.log';

$wgDebugLogGroups['LDAPAuthentication2'] = 'C:\log\LDAPAuthentication2-dev.log';

Reply 16:07, 9 December 2022 1 year ago

Pppery (talkcontribs)

You should post this at Extension talk:LDAPAuthentication2 instead. This is the talk page for an obsolete extension, and it is not being monitored (and I only found this by pure chance when doing an unrelated bit of cleanup).