[ZendTo] AD Authentication

Kevin Miller Kevin_Miller at ci.juneau.ak.us
Fri Jun 1 21:03:11 BST 2012 

Having a bit of trouble with AD authentication.

Our AD domain is cbj.local (strictly internal) while our publically viewable internet and email domain is ci.juneau.ak.us.
Server is centos 6, mysql backend, named zendto.ci.juneau.ak.us

When I fire up the web page I get error notices at the top of the page and corresponding messages in /var/log/http/error.log:

[Fri Jun 01 11:02:19 2012] [error] [client 199.58.55.10] PHP Notice:  Undefined index: HTTPS in /opt/zendto/lib/NSSDropbox.php on line 42
[Fri Jun 01 11:02:19 2012] [error] [client 199.58.55.10] PHP Notice:  Undefined index: HTTPS in /opt/zendto/lib/NSSDropbox.php on line 48
[Fri Jun 01 11:02:19 2012] [error] [client 199.58.55.10] PHP Notice:  Undefined index: authLDAPAdmins in /opt/zendto/lib/NSSADAuthenticator.php on line 83
[Fri Jun 01 11:02:19 2012] [error] [client 199.58.55.10] PHP Notice:  Undefined index: authLDAPMemberKey in /opt/zendto/lib/NSSADAuthenticator.php on line 104
[Fri Jun 01 11:02:19 2012] [error] [client 199.58.55.10] PHP Notice:  Undefined index: authLDAPMemberRole in /opt/zendto/lib/NSSADAuthenticator.php on line 105

What am I doing wrong there - what's missing?

When I try to log in, the following is displayed on the web page:
-----------------------------------------------------------
Connected to city-dc1.cbj.local but could not bind, it said 
	Invalid credentials
Connected to city-dc2.cbj.local but could not bind, it said 
	Invalid credentials
 	LDAP Error
Check User: Unable to connect to any of the authentication servers; could not authenticate user.
	LDAP Error
Check User: Unable to connect to any of the authentication servers; could not authenticate user.
 	LDAP Error
Check User: Unable to connect to any of the LDAP servers; could not authenticate user.
 	Authentication Error
The username or password was incorrect.
-----------------------------------------------------------

The username and password specified in authLDAPBindUser1 and authLDAPBindPass1 are valid.  I've logged into the domain using them.

Do I need to install samba and winbind to use AD authentication?  It doesn't seem to be mentioned in the instructions anywhere so I haven't.

 ...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357

More information about the ZendTo mailing list