On Fri, Jun 4, 2010 at 13:09, Martin Kunze <kunze.mar...@yahoo.de> wrote:
> Hey,
>
> there are some good news and some not so good ones.
>
> After I upgraded xwiki to Version 2.3.1 and reconfigured xwiki.cfg the
> ActiveDirectory-Authentication works. User now can login. But has no rights.
> Now of course, I have to set some groupmapping. I did it like that:
> xwiki.authentication.ldap.group_mapping=XWiki.GruppeA=cn=Standort,ou=Standortgruppen,ou=Gruppen,ou=Another
> Group
>
> So now, that doesn't work. There are three things I want to know:
> 1. do I have to add the "dc=domain,dc=suffix" string at the end?
The LDAP side has to be the full DN, so yes.
> 2. the last group contains a space - can that be a problem?
No, the DN can contains anything.
> 3. are there any other things that can be wrong?
No, it looks ok.
Did you checked if the user is added to the group ? If not then you
should look at the debug log.
>
> By the way, "GruppeA" exists in the wiki. I created it and granted some
> rights.
>
> Best Regards :-)
> Martin
>
>
>
> ________________________________
> Von: Thomas Mortagne <thomas.morta...@xwiki.com>
> An: XWiki Users <users@xwiki.org>
> Gesendet: Mittwoch, den 2. Juni 2010, 16:52:41 Uhr
> Betreff: Re: [xwiki-users] log4j doesn't log information about LDAP connection
>
> On Wed, Jun 2, 2010 at 13:26, Martin Kunze <kunze.mar...@yahoo.de> wrote:
>> Hello Thomas,
>>
>> this morning I had the possibility to restart the whole server on
>> which xwiki and tomcat are running.
>> You won't beleave me but now there is some Logging and the "Starting LDAP
>> authentication" string in the xwiki.log. crazy.
>>
>> But authentication fails. ("Invalid credentials"). xwiki.log sais the
>> following:
>> "The provided User is null. We don't try to authenticate, it probably means
>> the user is in non logged mode."
>
> This log is because when you access XWiki the authenticator is called
> with no user for SSO based authenticators.
>
> You should have another "Starting LDAP authentication" with different
> logs after this one, just look at the time when you try to
> authenticate and takes the logs from this time and send them here so
> that i can look at them.
>
>>
>> Any idea what that means here and what to do???
>>
>> Thanks for your help!!!
>>
>> --
>> Martin
>>
>>>Try setting "trace" level instead of "debug" and see if you have
>>>"Starting LDAP authentication" to really make sure you don't have log
>>>because of some very magical authenticator bug, that way we will at
>>>least know we have to focus in logging.
>>
>>
>>> xwiki.authentication.ldap=1
>>> xwiki.authentication.ldap.server=IP-Adress
>>> xwiki.authentication.ldap.port=389
>>> xwiki.authentication.ldap.base_DN=dc=domain,dc=suffix
>>> xwiki.authentication.ldap.bind_DN=domain\{0}
>>> xwiki.authentication.ldap.bind_pass={1}
>>> xwiki.authentication.ldap.UID_attr=sAMAccountName
>>
>>
>> _______________________________________________
>> users mailing list
>> users@xwiki.org
>> http://lists.xwiki.org/mailman/listinfo/users
>>
>
>
>
> --
> Thomas Mortagne
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
>
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
>
--
Thomas Mortagne
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
