[ZendTo] AD Auth issue

Craig Gilbert Craig.Gilbert at nexus.org.uk
Wed Jun 14 15:06:34 BST 2017


Hello all,

We are attempting to deploy ZendTo in our environment but are having issues with AD auth.

We have reviewed the page at http://zend.to/activedirectory.php and are getting results from the example ldapsearch command.

Our AD authenticator settings in preferences.php are as follows (redacted identifying info):

  'authenticator'             => 'AD',
  'authLDAPBaseDN1'           => 'OU=User Accounts,OU=Company,DC=domain,DC=local',
  'authLDAPServers1'          => array('dc1.domain.local','dc2.domain.local','dc3.domain.local','dc4.domain.local'),
  'authLDAPAccountSuffix1'    => '@domain.local',
  'authLDAPUseSSL1'           => false,
  'authLDAPBindUser1'         => 'zendto',
  'authLDAPBindPass1'         => 'password',
  'authLDAPOrganization1'     => 'Company',
  // If you are not using this 2nd set of settings for a 2nd AD forest,
  // do not comment them out, but instead set them to be empty.
  'authLDAPBaseDN2'           => '',
  // Set
       'authLDAPServers2' => array(),
  // if you only have to search 1 AD forest/domain.
  'authLDAPServers2'          => array(),
  'authLDAPAccountSuffix2'    => '',
  'authLDAPUseSSL2'           => false,
  'authLDAPBindUser2'         => '',
  'authLDAPBindPass2'         => '',
  'authLDAPOrganization2'     => '',

Every time we try to authenticate with a valid user using either a sAMAccountName or userPrincipalName, the error  'Authentication Error
The username or password was incorrect.' Is shown in ZendTo. If it matters, our users are in a Sub-OU of the value in authLDAPBaseDN1, however they are shown in the ldapsearch command.

Any assistance is greatly appreciated.

Kind Regards,

Craig Gilbert
Systems Architect

Nexus, Nexus House, St James' Boulevard, Newcastle upon Tyne, NE1 4AX
Tel 0191 203 3268

**********************************************************************************
Any views or opinions expressed by the sender of this message do not
necessarily represent those of Nexus.

This message is intended for the addressee only. It is confidential and
may contain private or privileged information. It must not be copied or
its contents disclosed to anyone other than the addressee. If it is
delivered to you in error please destroy all copies of it immediately and
contact the sender.

Please note that neither Nexus nor the sender accepts any responsibility
for viruses and it is your responsibility to scan or otherwise check this
email and any attachments.  
**********************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20170614/57347cd2/attachment.html 


More information about the ZendTo mailing list