[ZendTo] Multiple AD domains
Kevin Miller
Kevin_Miller at ci.juneau.ak.us
Wed Oct 2 00:19:07 BST 2013
We've been using zendto for some time with our AD domain and it works a treat. Recently however the need has arisen to expand it to include a second AD domain. From the command line, I can perform the following ldapsearch and get the expected results (linewrap alert):
ldapsearch -x -LLL -E pr=200/noprompt -h 192.168.10.20 -D 'LDAP_Query at library.com' -w '**********' -b 'OU=Staff,DC=Library,DC=com' -s sub (sAMAccountName=*)' cn mail memberOf
However when I try to log in as a user from the 2nd site, I get the following error message on the login page:
Authentication Error
The username or password was incorrect.
Are there some other settings I need to tweak? Below is the AD authenticator section of preferences.php. (And yes I've restarted the service, post tweaking.)
'authenticator' => 'AD',
'authLDAPBaseDN1' => array('OU=typical,OU=accounts,DC=cbj,DC=local',
'OU=admin,OU=accounts,DC=cbj,DC=local'),
'authLDAPServers1' => array('city-dc1.cbj.local','city-dc2.cbj.local'),
'authLDAPAccountSuffix1' => '@cbj.local',
'authLDAPUseSSL1' => false,
'authLDAPBindUser1' => 'LDAP_Query at cbj.local',
'authLDAPBindPass1' => '**********',
'authLDAPOrganization1' => 'City and Borough of Juneau, Alaska',
'authLDAPBaseDN2' => 'OU=staff,DC=libary,DC=com',
// 'authLDAPServers2' => array('junapp7.library.com','junmain3.library.com'),
'authLDAPServers2' => array('192.168.10.10','192.168.10.20'),
'authLDAPAccountSuffix2' => '@library.com',
'authLDAPUseSSL2' => false,
'authLDAPBindUser2' => 'ldap_query at library.com',
'authLDAPBindPass2' => '**********',
'authLDAPOrganization2' => 'Juneau Public Library',
TIA...
...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357
More information about the ZendTo
mailing list