<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
John,<br>
<br>
Please don't comment out settings you don't want to specify (such as
the service account credentials, etc). Just leave them set to an
empty string. Then 'upgrade' will be happy.<br>
<br>
Cheers,<br>
Jules.<br>
<br>
<div class="moz-cite-prefix">On 22/07/2020 19:01, John Thurston via
ZendTo wrote:<br>
</div>
<blockquote type="cite"
cite="mid:WM!34fa42006b29171c9f84bd048128d9dfce9a2be5c16c1f0e780607d3f4e22dd9891abe01a16b4ef2388b462e6ae47689!@mx.jul.es"><br>
On 7/22/2020 9:08 AM, Jules wrote:
<br>
<blockquote type="cite">But if you are using the LDAP
authenticator, surely you have to define those values for the
authenticator to work at all.
<br>
I don't quite see how you are using the LDAP authenticator
successfully with no settings for it whatsoever.
<br>
</blockquote>
<br>
Because our internal directory has all of our users in one OU
(which is defined as the BaseDN, so no directory searching is
required). No search, hence no authenticated service account,
hence those values are commented out.
<br>
<br>
<br>
The relevant output (slightly sanitized) of uncommented lines from
preferences.cfg
<br>
<br>
<blockquote type="cite"> 'authenticator' => 'LDAP',
<br>
<br>
'authIMAPServer' => 'mail.soton.ac.uk',
<br>
'authIMAPDomain' => 'soton.ac.uk',
<br>
'authIMAPOrganization' => 'University of Southampton',
<br>
'authIMAPAdmins' => array(),
<br>
<br>
'authLDAPBaseDN' => 'OU=ourusers,o=state.ak.us',
<br>
'authLDAPServers' =>
array('ldap1.state.ak.us','ldap2.state.ak.us'),
<br>
'authLDAPAccountSuffix' => '@alaska.gov',
<br>
'authLDAPUseSSL' => true,
<br>
'authLDAPFullName' => 'givenName sn',
<br>
<br>
'authLDAPServers1' =>
array('ad1.ecs.soton.ac.uk','ad2.ecs.soton.ac.uk'),
<br>
'authLDAPBaseDN1' =>
'OU=users,DC=ecs,DC=soton,DC=ac,DC=uk',
<br>
'authLDAPAccountSuffix1' => '@ecs.soton.ac.uk',
<br>
'authLDAPUseSSL1' => false,
<br>
'authLDAPUseTLS1' => false,
<br>
'authLDAPBindUser1' => 'SecretUsername1',
<br>
'authLDAPBindPass1' => 'SecretPassword1',
<br>
'authLDAPOrganization1' => 'ECS, University of
Southampton',
<br>
'authLDAPUsernameAttribute1' => 'sAMAccountName',
<br>
'authLDAPServers2' =>
array('ad1.soton.ac.uk','ad2.soton.ac.uk'),
<br>
'authLDAPBaseDN2' => 'DC=soton,DC=ac,DC=uk',
<br>
'authLDAPAccountSuffix2' => '@soton.ac.uk',
<br>
'authLDAPUseSSL2' => false,
<br>
'authLDAPUseTLS2' => false,
<br>
'authLDAPBindUser2' => 'SecretUsername2',
<br>
'authLDAPBindPass2' => 'SecretPassword2',
<br>
'authLDAPOrganization2' => 'University of Southampton',
<br>
'authLDAPUsernameAttribute2' => '',
<br>
'authLDAPServers3' =>
array('ad1.example.com','ad2.example.com'),
<br>
'authLDAPBaseDN3' => 'DC=example,DC=com',
<br>
'authLDAPAccountSuffix3' => '@example.com',
<br>
'authLDAPUseSSL3' => false,
<br>
'authLDAPUseTLS3' => false,
<br>
'authLDAPBindUser3' => 'SecretUsername3',
<br>
'authLDAPBindPass3' => 'SecretPassword3',
<br>
'authLDAPOrganization3' => 'Example Inc.',
<br>
'authLDAPUsernameAttribute3' => '',
<br>
<br>
'authMultiAuthenticators' => array('AD', 'Local'),
<br>
</blockquote>
<br>
<br>
<br>
--
<br>
Do things because you should, not just because you can.
<br>
<br>
John Thurston 907-465-8591
<br>
<a class="moz-txt-link-abbreviated" href="mailto:John.Thurston@alaska.gov">John.Thurston@alaska.gov</a>
<br>
Department of Administration
<br>
State of Alaska
<br>
<br>
_______________________________________________
<br>
ZendTo mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:ZendTo@zend.to">ZendTo@zend.to</a>
<br>
<a class="moz-txt-link-freetext" href="http://jul.es/mailman/listinfo/zendto">http://jul.es/mailman/listinfo/zendto</a>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
'When a man points a finger at someone else, he should remember
that four of his fingers are pointing at himself.' - Louis Nizer
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To">www.Zend.To</a>
Twitter: @JulesFM
</pre>
</body>
</html>