[ZendTo] Re: AD Authentication Won't Work

JC Putter jcputter at numata.co.za
Tue Feb 1 21:13:06 GMT 2011


'authenticator'             => 'AD',

  'authLDAPAdmins'            => array('test'),

  'authLDAPBaseDN1'           => 'DC=ad,DC=contoso,DC=com',

  'authLDAPServers1'          => array('ad1.contoso.com'),

  'authLDAPAccountSuffix1'    => '@contoso.com',

  'authLDAPUseSSL1'           => false,

  'authLDAPBindUser1'         =>
'CN=Administrator,CN=Users,DC=contoso,DC=com',

  'authLDAPBindPass1'         => 'password,

  'authLDAPOrganization1'     => 'Moore Stephens',

  //'authLDAPBaseDN2'           => 'DC=soton,DC=ac,DC=uk',

  //'authLDAPServers2'          => array(),

  //'authLDAPAccountSuffix2'    => '@soton.ac.uk',

  //'authLDAPUseSSL2'           => false,

  //'authLDAPBindUser2'         => '',

  //'authLDAPBindPass2'         => '',

  //'authLDAPOrganization2'     => 'University of Southampton',

 

This is a sample of my working config...

 

As Jules pointed out use ldapsearch to workout and troubleshoot using
connection to AD

 

If you only have one domain, uncomment the rest and remove everything in the
array in authLDAPServer2

 

 

 

From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of
Joshua F. Withrow
Sent: 01 February 2011 11:04 PM
To: zendto at zend.to
Subject: [ZendTo] AD Authentication Won't Work

 

I have everything else working aside from AD authentication.  I have tried
every format and combination I can think of and even referenced the
NSSADAuthenticator source and project on Google Code looking for hints.

 

Error:


Description: [error]

LDAP Error


Check User: Unable to connect to any of the authentication servers; could
not authenticate user.


Description: [error]

LDAP Error


Check User: Unable to connect to any of the authentication servers; could
not authenticate user.


Description: [error]

LDAP Error


Check User: Unable to connect to any of the LDAP servers; could not
authenticate user.


Description: [error]

Authentication Error


The username or password was incorrect.

 

 

 

Preferences.php

//

  // Settings for the 2-forest/2-domain AD authenticator.

  // Set

  //     'authLDAPServers2' => array(),

  // if you only have to search 1 AD forest/domain.

  //

  'authenticator'             => 'AD',

  'authLDAPAdmins'            => array('usah','yewzah'),

  'authLDAPBaseDN1'           => 'DC=matech,DC=local',

  'authLDAPServers1'          => array('ad1','ad2'),

  'authLDAPAccountSuffix1'    => '@matech.local',

  'authLDAPUseSSL1'           => true,

  'authLDAPBindUser1'         => 'Admin',

  'authLDAPBindPass1'         => '********************',

  'authLDAPOrganization1'     => 'MaTech',

  'authLDAPBaseDN2'           => 'DC=matech,DC=local',

  'authLDAPServers2'          =>
array('ad1.matech.local','ad2.matech.local'),

  'authLDAPAccountSuffix2'    => '@matech.local',

  'authLDAPUseSSL2'           => true,

  'authLDAPBindUser2'         => 'Admin',

  'authLDAPBindPass2'         => '********************',

  'authLDAPOrganization2'     => 'MaTech',

 

  // the default email domain when just usernames are supplied

  'defaultEmailDomain' => 'matech.net',

 

 

  _____  

This message is the property of Machining Technologies, Inc (MaTech) and the
Information contained herein may be/is subject to the Code of Federal
Regulations Chapter 22 International Traffic in Arms Regulations (ITAR).
This data may not be resold, diverted, transferred, transshipped, made
available to a foreign national within the United States, or otherwise
disposed of in any other country outside of its intended destination, either
in original form or after being incorporated through an intermediate process
into other data without the prior written approval of the US Department of
State. The information in this e-mail and subsequent attachments may contain
legally privileged, proprietary and/or confidential information that is
intended only for the use of the addressee(s).
No addressee should forward, print, copy or otherwise reproduce this message
in any manner that would allow it to be viewed by any individual not
originally listed as the recipient. If you are not the intended recipient,
you are hereby notified that any disclosure, copying, distribution,
retention or use of the contents of this e-mail information is prohibited.
If you have received this communication in error, please immediately notify
the sender by telephone or return e-mail and delete this e-mail. Thank You.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110201/cceb5a99/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 3981 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110201/cceb5a99/attachment-0001.png 


More information about the ZendTo mailing list