Hi Ryan,
I hope you can help me.
We try to restrict the access based on LDAP group but it is not working.
This is the current config:
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( 'DOMAIN');
$wgLDAPServerNames = array( 'DOMAIN' => 'xx1.corp.DOMAIN.com xx2.corp.DOMAIN.com');
$wgLDAPSearchStrings = array('DOMAIN' => 'DOMAIN\\USER-NAME');
$wgLDAPEncryptionType = array( 'DOMAIN' => 'false');
$wgLDAPUseLocal = false;
$wgMinimalPasswordLength = 1;
$wgLDAPBaseDNs = array( 'DOMAIN' => 'DC=corp,DC=DOMAIN,DC=com');
$wgLDAPUserBaseDNs = array( 'DOMAIN' => 'OU=users,DC=corp,DC=DOMAIN,DC=com' );
$wgLDAPGroupBaseDNs = array( 'DOMAIN' => 'OU=applications,OU=groups,DC=corp,DC=DOMAIN,DC=com' );
$wgLDAPSearchAttributes = array( 'DOMAIN' => 'usernameoftheaccount' );
$wgLDAPGroupNameAttribute = array( 'DOMAIN' => 'cn' );
$wgLDAPActiveDirectory = array( 'DOMAIN' => true );
$wgLDAPUseLDAPGroups = array( 'DOMAIN' => true );
$wgLDAPGroupUseFullDN = array( 'DOMAIN' => true );
$wgLDAPGroupObjectclass = array( 'DOMAIN' => 'group');
$wgLDAPGroupAttribute = array( 'DOMAIN' => 'user' );
$wgLDAPRequiredGroups = array( 'DOMAIN' => array( 'CN=thisisthenameoftheadgroup,OU=applications,OU=groups,DC=corp,DC=DOMAIN,DC=com' ) );
In the log i can see that not able to find user in the 'thisisthenameoftheadgroup' group.
Do you have any idea why?
The login is working without the LDAPRequiredGroups paramter.
Thank you in advance,
Br,
Janaboy