User talk:Wenfir

About this board

Start a new topic
You are not logged in. To receive attribution with your name instead of your IP address, you can log in or create an account.

LDAP - "Auto-creation of a local account failed: Automatic account creation is not allowed."

One comment • 14:44, 11 May 2021 2 years ago
1
Wenfir (talkcontribs)

Hello,

i run Ubuntu 20.04 with apache2 php7.3 mediawiki 1.35

I have activated the plugins LDAPProvider, PluggableAuth, LDAPAuthentication2, LDAPGroups and LDAPUserInfo.


I updated mediawiki to version 1.35 and everything is working normally with LDAP users who were already in the database. But when creating a new user on LDAP he is giving an error to create the local account on mediawiki.


The connection to LDAP works, however when trying to login with new user via LDAP it says: "Auto-creation of a local account failed: Automatic account creation is not allowed."


log_file.log

Auto-creating user_name on login

MediaWiki\Auth\AuthManager::autoCreateUser: blacklisted in session ok0lc1odn06in7hrkkckavam9sof2qdo''

[PluggableAuth] Authenticated new user: user_name

User::getBlockedStatus: checking blocked status for user_name

Binary file (standard input) matches

Reply Edited 14:44, 11 May 2021 2 years ago
Reply to "LDAP - "Auto-creation of a local account failed: Automatic account creation is not allowed.""

Could not authenticate credentials against domain "mydomain.com"

One comment 14:14, 11 May 2021 2 years ago
1
Wenfir (talkcontribs)

hello, i updated medwiki and set up ldap in this new version and i have an authentication error, i am 2 days in this error, if anyone can help i appreciate it.


My LocalSettings:

##The formatting was not very good is my first post here, I hope you can understand


[[

##Extensions

wfLoadExtension( 'LDAPProvider' );

wfLoadExtension( 'LDAPAuthentication2' );

wfLoadExtension( 'LDAPAuthorization' );

wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'LDAPGroups' );


$LDAPProviderDomainConfigProvider = function(){

$config =

"mydomain.com.br" =>

"connection" =>

"server" => "192.168.0.112",

"user" => "cn=Manager,o=mydomain,o=com,c=br",

"pass" => "password",

"options" =>

[

"LDAP_OPT_DEREF"

],

"basedn" => "o=mydomain,o=com,c=brr",

"groupbasedn" => "o=mydomain,o=com,c=br",

"userbasedn" => "o=mydomain,o=com,c=br",

"searchstring" => "uid=USER-NAME,o=mydomain,o=com,c=br",

"usernameattribute" => "uid",

"realnameattribute" => "cn",

"emailattribute" => "mail",

],

"authorization" =>

[

"rules" =>

[

"groups" =>

[

"required" => [ "cn=group_wiki,o=mydomain,o=com,c=br" ]

]

]

],

'groupsync' =>

[ "mechanism" => "mappedgroups",

"mapping" =>

[

"grupo_wiki" => "cn=group_wiki,ou=Group,o=icpbrasil,o=gov,c=br",

]

]

]

];

return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config ); };

the log file with the error...

ldap.log:

2021-02-15 21:49:06 wiki my-wiki: ldap_connect( $hostname = 'ldap://192.168.0.112:389', $port = 389 );

2021-02-15 21:49:06 wiki my-wiki: # __METHOD__ returns Resource id #17

2021-02-15 21:49:06 wiki my-wiki: ldap_set_option( $linkID, $option = 17, $newval = 3 )

; 2021-02-15 21:49:06 wiki my-wiki: # returns 1 2021-02-15 21:49:06 wiki my-wiki: ldap_set_option( $linkID, $option = 8, $newval = 0 );

2021-02-15 21:49:06 wiki my-wiki: # returns 1

2021-02-15 21:49:06 wiki my-wiki: ldap_set_option( $linkID, $option = , $newval = LDAP_OPT_DEREF );

2021-02-15 21:49:06 wiki my-wiki: # returns

2021-02-15 21:49:06 wiki my-wiki: ldap_bind( $linkID, $bindRDN = 'cn=Manager,o=mydomain,o=com,c=br', $bindPassword = 'XXXX' );

2021-02-15 21:49:06 wiki my-wikiI: # returns 1

2021-02-15 21:49:06 wiki my-wiki: ldap_bind( $linkID, $bindRDN = 'uid=teste,o=mydomain,o=com,c=br', $bindPassword = 'XXXX' ); 2021-02-15 21:49:06 wiki my-wiki: # returns


PluggableAuth.log:

2021-02-15 21:49:06 wiki my-wiki: In execute() 2021-02-15 21:49:06 wiki my-wiki: Getting PluggableAuth singleton

2021-02-15 21:49:06 wiki my-wiki: Class name: MediaWiki\Extension\LDAPAuthentication2\PluggableAuth

2021-02-15 21:49:06 wiki my-wiki: Authentication failure.

2021-02-15 21:49:06 wiki my-wiki: ERROR: Could not authenticate credentials against domain "o=mydomain,o=com,c=br"

]]

I do not know if any configuration is missing or if I did something wrong I am studying this new version already using version 1.24. If anyone can help I am grateful :)Computer code

Edited 22:32, 15 February 2021 3 years ago
There are no older topics
Retrieved from "https://www.mediawiki.org/wiki/User_talk:Wenfir"