Jump to content

Topic on Extension talk:LdapAuth/Flow

46.189.19.66 (talkcontribs)

Hello Trix Tri,


i can't bind our LDAP Users (Debian 8 openLDAP Server)

My Config...

wfLoadExtension( 'LdapAuth' );

$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgLdapAuthDomainNames = 'Domain'; <- Can i use any Name here?

$wgLdapAuthServers = 'IP';

$wgLdapAuthBindDN = 'cn=user,dc=domain,dc=com';

$wgLdapAuthBindPass = 'password';

$wgLdapAuthBaseDN = 'ou=people,ou=PDF,l=location,dc=domain,dc=com';

$wgLdapAuthSearchFilter = '(&(objectClass=person)(uid=%1$s))';

$wgLdapAuthUsernameField = 'uid';

$wgLdapAuthSearchTree = true;

$wgLdapAuthUseLocal = true;

$wgLdapAuthEncryptionType = false;

$wgLdapAuthIsActiveDirectory = false;

$wgLdapAuthRequireDomain = true;


uid = user.name


In LDAP log comes this error...

ldap slapd[777]: conn=14420181 op=1 do_bind: invalid dn (user.name@Domain)


LDAP structur

uid=user.name,ou=people,ou=PDF,l=location,dc=domain,dc=com


What goes wrong?

TrixTri (talkcontribs)

Copy my entire config in the post 'Mediawiki 1.33' keeping the same format which is quite different to what you are using.

One thing you can modify is the search filter, mine will only allow users in a particular group, if you want to allow all users change the line to

$wgLdapAuthSearchFilter = ['domain' => '(&(objectClass=user)(sAMAccountName=%1$s))'];

Reply to "do_bind: invalid dn"