[ZendTo] Re: AD authentication

ROGERS Richard M Richard.Rogers at staffs.ac.uk
Wed Nov 11 09:57:55 GMT 2015 

At a quick glance, the only difference in principle I can see from ours is we don't have "array(...)" for the authLDAPBaseDN1.

In other words, the form is like:
'authLDAPBaseDN1'   => 'OU=staff,DC=dixon,DC=local',

I haven't tried changing this to see if it breaks ;-)

Otherwise, are there any clues to be had from the AD server? (the login failure code may shed some light). I'm assuming there are no firewall issues here...

Regards

Richard

From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of Chris Dixon
Sent: 11 November 2015 02:47
To: zendto at zend.to
Subject: [ZendTo] AD authentication

Hello,
                I cannot seem to get AD authentication to work properly. I am able to use the ldapserch tool to connect and pull information from my lab setup; however, when I attempt to login I keep getting "Authentication Error, The Username and Password was incorrect". I've included the ldapsearch text and my AD portion preferences.php file that I'm using for my AD bind. Can anyone offer a suggestion as to where to look for my mistake?

ldapsearch -x -LLL -E pr=200/noprompt -h 192.168.1.142 -D 'ad at dixon.local' -w 'Password' -b 'OU=staff,DC=dixon,DC=local' -s sub  '(sAMAccountName=*)'


  'authenticator'                                  => 'AD',
  'authLDAPBaseDN1'                        => array('OU=staff,DC=dixon,DC=local'),
  'authLDAPServers1'                        => array('192.168.1.142'),
  'authLDAPAccountSuffix1'           => '@dixon.local',
  'authLDAPUseSSL1'                         => false,
  'authLDAPBindUser1'                     => 'ad at dixon.local',
  'authLDAPBindPass1'                     => 'Password',
  'authLDAPOrganization1'             => 'Dixon',
  // If you are not using this 2nd set of settings for a 2nd AD forest,
  // do not comment them out, but instead set them to be empty.
  'authLDAPBaseDN2'                    => '',
  // Set
  //     'authLDAPServers2'            => array(),
  // if you only have to search 1 AD forest/domain.
  'authLDAPServers2'                     => array(),
  'authLDAPAccountSuffix2'        => '',
  'authLDAPUseSSL2'                      => false,
  'authLDAPBindUser2'                  => '',
  'authLDAPBindPass2'                  => '',
  'authLDAPOrganization2'          => '',

Thanks,

Chris Dixon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20151111/68932495/attachment-0001.html

More information about the ZendTo mailing list