[ZendTo] {Disarmed} RE: Re: {Disarmed} RE: Re: issue with rendered site

Erik Britt ebritt at cshlaw.com
Thu Dec 12 21:26:44 GMT 2013


Richard,

We are a single domain environment.

It seems like despite doing the credential validation on the DC it’s like Zendto doesn’t know what users can log in.

Erik




[http://www.cshlaw.com/images/elogo_stacked.jpg]<http://www.cshlaw.com/>



Erik Britt
IT Department
e-mail<mailto:ebritt at cshlaw.com>
www.cshlaw.com<http:/www.cshlaw.com>


p       +19198638828
f       +19198633427

Post Office Box 27808
Raleigh NC 27611-7808


From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of Richard Patterson
Sent: Thursday, December 12, 2013 4:16 PM
To: ZendTo Users
Subject: [ZendTo] Re: {Disarmed} RE: Re: issue with rendered site

Erik,

Ok...

Are you in a multi-domain environment, or a single domain?

When logging in (at the front end), ZendTo strips off anything before a back slash (\) and after an @ sign, and appends the suffix before doing the lookup with LDAP, so you will need to leave the suffix as @domain.com<http://domain.com> (or rather @domain.local i.e. the internal domain name).

It doesn’t append the suffix for the bind user, so try setting it as you had it with the @domain.com<http://domain.com> bit.

My setup is a single domain, and I had my settings as per the settings i sent through.

I’ve also raised the function level to 2008R2 to test that it still works… which it does.

I feel you are very close to getting it sorted.

Let me know how you get on with the above.

Regards

Richard



--
Richard Patterson

HelpQuick Ltd
The headquarters of
innovative IT solutions

Office: 0191 2582888, Fax: 0191 6408666
Web: http://www.helpquick.co.uk<http://www.helpquick.co.uk/>

Have you used our services? Why not write a review on the FreeIndex<http://www.freeindex.co.uk/wr.htm?id=144533&br=1> website

HelpQuick Limited, Registered in England & Wales, Company number
5334746, Vat registration number: 859 6133 89, Registered office:
18 Camden Square, North Shields, NE30 1NR, UK


On 12 Dec 2013, at 18:32, Erik Britt <ebritt at cshlaw.com<mailto:ebritt at cshlaw.com>> wrote:



I have changed these fields, This is the only entry I get on the DC:
<image001.png>
Which I get for my account and the account set to bind.

Without either domain\user or user at domain.com<mailto:user at domain.com> I get this error:
<image002.png>

Our domain controllers are Server 2008 R2 and I did create this Zendto box from the VM.

Thank you,





[cid:~WRD000.jpg]<http://www.cshlaw.com/>




Erik Britt
IT Department
e-mail<mailto:ebritt at cshlaw.com>
MailScanner has detected a possible fraud attempt from "http:" claiming to bewww.cshlaw.com<http://www.cshlaw.com/>

p

+19198638828

f

+19198633427


Post Office Box 27808
Raleigh NC 27611-7808


From: zendto-bounces at zend.to<mailto:zendto-bounces at zend.to> [mailto:zendto-bounces at zend.to] On Behalf Of Richard Patterson
Sent: Thursday, December 12, 2013 12:26 PM
To: ZendTo Users
Subject: [ZendTo] Re: issue with rendered site

Please try setting the 'authLDAPAccountSuffix1' => '@domain.com<http://domain.com/>',

Also, remove the @domain.com<http://domain.com/> from the 'authLDAPBindUser1' setting.

Try setting the servers to just 1 server (easier to check logs, etc.)

Do you get anything in the logs on the server when trying to authenticate?

Which version of windows are you on?

Are you using the VM from Zend.To, or have you installed it yourself?

Regards

Richard

On 12/12/2013 16:56, Erik Britt wrote:
Richard thank you for your suggestions. I am able to resolve the DC’s by name from the Zendto box, (I added the info in the hosts file for good measure). I also don’t think we’re having a firewall issue/port issue, we get the same result with SSL turned on or off.

Currently, when turned off it appears the site will cannot find either my usernames or passwords.
<image003.jpg>
Here’s the AD entry in my preferences file:
'authenticator'             => 'AD',
'authLDAPBaseDN1'           => 'DC=domain,DC=com',

'authLDAPServers1'          => array('0.0.0.4','0.0.0.7','0.0.0.9'),    ----(our 3 domain controller's ip addresses)

'authLDAPAccountSuffix1'    => '',

'authLDAPUseSSL1'           => false,

'authLDAPBindUser1'         => 'user at domain.com<mailto:user at domain.com>',

'authLDAPBindPass1'         => '********',

'authLDAPOrganization1'     => '',
  // If you are not using this 2nd set of settings for a 2nd AD forest,
  // do not comment them out, but instead set them to be empty.
'authLDAPBaseDN2'           => '',
// Set
//            'authLDAPServers2'          => array(),
'authLDAPAccountSuffix2'    => '',

'authLDAPUseSSL2'           => false,

'authLDAPBindUser2'         => '',

'authLDAPBindPass2'         => '',

'authLDAPOrganization2'     => '',


-- snip --



Confidentiality Notice:  If you are not the intended recipient of this message, you are not authorized to intercept, read, print, retain, copy, forward, or disseminate this communication. This communication may contain information that is proprietary, attorney/client privileged, attorney work product, confidential or otherwise legally exempt from disclosure. If you have received this message in error, please notify the sender immediately either by phone (800-849-4444) or by return e-mail and destroy all copies of this message (electronic, paper, or otherwise).
_______________________________________________
ZendTo mailing list
ZendTo at zend.to<mailto:ZendTo at zend.to>
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20131212/de9930a0/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ~WRD000.jpg
Type: image/jpeg
Size: 823 bytes
Desc: ~WRD000.jpg
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20131212/de9930a0/attachment-0001.jpg 


More information about the ZendTo mailing list