[ZendTo] Re: Multiple AD domains

Jules Jules at Zend.To
Wed Oct 2 09:35:52 BST 2013 

On 02/10/2013 00:19, Kevin Miller wrote:
> We've been using zendto for some time with our AD domain and it works a treat.  Recently however the need has arisen to expand it to include a second AD domain.  From the command line, I can perform the following ldapsearch and get the expected results (linewrap alert):
>
> ldapsearch -x -LLL -E pr=200/noprompt -h 192.168.10.20 -D 'LDAP_Query at library.com' -w '**********' -b 'OU=Staff,DC=Library,DC=com' -s sub  (sAMAccountName=*)' cn mail memberOf
>
> However when I try to log in as a user from the 2nd site, I get the following error message on the login page:
> 	Authentication Error
> 	The username or password was incorrect.
>
> Are there some other settings I need to tweak?  Below is the AD authenticator section of preferences.php.  (And yes I've restarted the service, post tweaking.)
>
>    'authenticator'             => 'AD',
>    'authLDAPBaseDN1'           => array('OU=typical,OU=accounts,DC=cbj,DC=local',
>                                         'OU=admin,OU=accounts,DC=cbj,DC=local'),
>    'authLDAPServers1'          => array('city-dc1.cbj.local','city-dc2.cbj.local'),
>    'authLDAPAccountSuffix1'    => '@cbj.local',
>    'authLDAPUseSSL1'           => false,
>    'authLDAPBindUser1'         => 'LDAP_Query at cbj.local',
>    'authLDAPBindPass1'         => '**********',
>    'authLDAPOrganization1'     => 'City and Borough of Juneau, Alaska',
>
>    'authLDAPBaseDN2'           => 'OU=staff,DC=libary,DC=com',
You can't spell "Library". You missed the first "r".
> //  'authLDAPServers2'          => array('junapp7.library.com','junmain3.library.com'),
>    'authLDAPServers2'          => array('192.168.10.10','192.168.10.20'),
>    'authLDAPAccountSuffix2'    => '@library.com',
>    'authLDAPUseSSL2'           => false,
>    'authLDAPBindUser2'         => 'ldap_query at library.com',
>    'authLDAPBindPass2'         => '**********',
>    'authLDAPOrganization2'     => 'Juneau Public Library',
>
> TIA...
>
>   ...Kevin
> --
> Kevin Miller
> Network/email Administrator, CBJ MIS Dept.
> 155 South Seward Street
> Juneau, Alaska 99801
> Phone: (907) 586-0242, Fax: (907) 586-4500
> Registered Linux User No: 307357
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
> Jules
>
> -- 
> Julian Field MEng MBCS CITP CEng
>
> 'Intelligence is quickness to apprehend as distinct from ability,
>   which is capacity to act wisely on the thing apprehended.'
>   - Alfred North Whitehead
>
> www.Zend.To
> Twitter: @JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

More information about the ZendTo mailing list