[ZendTo] AD Auth issue
Craig Gilbert
Craig.Gilbert at nexus.org.uk
Fri Jun 16 08:00:41 BST 2017
Thanks for the assistance both of you. I think there was a more fundamental problem at hand with the install as I backed up preferences.php, internaldomains.conf & zendto.conf then deployed a new VM and it all works fine this time around. It's a shame I didn't find out exactly what was wrong, but at least it's working and I can get it off my to-do list now.
Kind Regards,
Craig Gilbert
Systems Architect
Nexus, Nexus House, St James' Boulevard, Newcastle upon Tyne, NE1 4AX
Tel 0191 203 3268
From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of Brian Novogradac
Sent: 15 June 2017 19:33
To: ZendTo Users <zendto at zend.to>
Subject: Re: [ZendTo] AD Auth issue
We had the same issue remember you are talking from linux to windows (which is like French to English IMO :) )
Try putting domain in from of BinduserID. That fixed our exact issue.
E.G. 'authLDAPBindUser1' => 'ADS\zendto',
Brian
From: zendto-bounces at zend.to<mailto:zendto-bounces at zend.to> [mailto:zendto-bounces at zend.to] On Behalf Of Craig Gilbert
Sent: Wednesday, June 14, 2017 10:07 AM
To: zendto at zend.to<mailto:zendto at zend.to>
Subject: [ZendTo] AD Auth issue
Hello all,
We are attempting to deploy ZendTo in our environment but are having issues with AD auth.
We have reviewed the page at http://zend.to/activedirectory.php and are getting results from the example ldapsearch command.
Our AD authenticator settings in preferences.php are as follows (redacted identifying info):
'authenticator' => 'AD',
'authLDAPBaseDN1' => 'OU=User Accounts,OU=Company,DC=domain,DC=local',
'authLDAPServers1' => array('dc1.domain.local','dc2.domain.local','dc3.domain.local','dc4.domain.local'),
'authLDAPAccountSuffix1' => '@domain.local',
'authLDAPUseSSL1' => false,
'authLDAPBindUser1' => 'zendto',
'authLDAPBindPass1' => 'password',
'authLDAPOrganization1' => 'Company',
// If you are not using this 2nd set of settings for a 2nd AD forest,
// do not comment them out, but instead set them to be empty.
'authLDAPBaseDN2' => '',
// Set
'authLDAPServers2' => array(),
// if you only have to search 1 AD forest/domain.
'authLDAPServers2' => array(),
'authLDAPAccountSuffix2' => '',
'authLDAPUseSSL2' => false,
'authLDAPBindUser2' => '',
'authLDAPBindPass2' => '',
'authLDAPOrganization2' => '',
Every time we try to authenticate with a valid user using either a sAMAccountName or userPrincipalName, the error 'Authentication Error
The username or password was incorrect.' Is shown in ZendTo. If it matters, our users are in a Sub-OU of the value in authLDAPBaseDN1, however they are shown in the ldapsearch command.
Any assistance is greatly appreciated.
Kind Regards,
Craig Gilbert
Systems Architect
Nexus, Nexus House, St James' Boulevard, Newcastle upon Tyne, NE1 4AX
Tel 0191 203 3268
**********************************************************************************
Any views or opinions expressed by the sender of this message do not
necessarily represent those of Nexus.
This message is intended for the addressee only. It is confidential and
may contain private or privileged information. It must not be copied or
its contents disclosed to anyone other than the addressee. If it is
delivered to you in error please destroy all copies of it immediately and
contact the sender.
Please note that neither Nexus nor the sender accepts any responsibility
for viruses and it is your responsibility to scan or otherwise check this
email and any attachments.
**********************************************************************************
**********************************************************************************
Any views or opinions expressed by the sender of this message do not
necessarily represent those of Nexus.
This message is intended for the addressee only. It is confidential and
may contain private or privileged information. It must not be copied or
its contents disclosed to anyone other than the addressee. If it is
delivered to you in error please destroy all copies of it immediately and
contact the sender.
Please note that neither Nexus nor the sender accepts any responsibility
for viruses and it is your responsibility to scan or otherwise check this
email and any attachments.
**********************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20170616/2131f4fa/attachment.html
More information about the ZendTo
mailing list