[ZendTo] Multiple AD domains

Kevin Miller Kevin_Miller at ci.juneau.ak.us
Wed Oct 2 00:19:07 BST 2013


We've been using zendto for some time with our AD domain and it works a treat.  Recently however the need has arisen to expand it to include a second AD domain.  From the command line, I can perform the following ldapsearch and get the expected results (linewrap alert):

ldapsearch -x -LLL -E pr=200/noprompt -h 192.168.10.20 -D 'LDAP_Query at library.com' -w '**********' -b 'OU=Staff,DC=Library,DC=com' -s sub  (sAMAccountName=*)' cn mail memberOf

However when I try to log in as a user from the 2nd site, I get the following error message on the login page:
	Authentication Error
	The username or password was incorrect.

Are there some other settings I need to tweak?  Below is the AD authenticator section of preferences.php.  (And yes I've restarted the service, post tweaking.)

  'authenticator'             => 'AD',
  'authLDAPBaseDN1'           => array('OU=typical,OU=accounts,DC=cbj,DC=local',
                                       'OU=admin,OU=accounts,DC=cbj,DC=local'),
  'authLDAPServers1'          => array('city-dc1.cbj.local','city-dc2.cbj.local'),
  'authLDAPAccountSuffix1'    => '@cbj.local',
  'authLDAPUseSSL1'           => false,
  'authLDAPBindUser1'         => 'LDAP_Query at cbj.local',
  'authLDAPBindPass1'         => '**********',
  'authLDAPOrganization1'     => 'City and Borough of Juneau, Alaska',

  'authLDAPBaseDN2'           => 'OU=staff,DC=libary,DC=com',
//  'authLDAPServers2'          => array('junapp7.library.com','junmain3.library.com'),
  'authLDAPServers2'          => array('192.168.10.10','192.168.10.20'),
  'authLDAPAccountSuffix2'    => '@library.com',
  'authLDAPUseSSL2'           => false,
  'authLDAPBindUser2'         => 'ldap_query at library.com',
  'authLDAPBindPass2'         => '**********',
  'authLDAPOrganization2'     => 'Juneau Public Library',

TIA...

 ...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357 





More information about the ZendTo mailing list