Loading...
 
LDAP / Active directory

LDAP / Active directory


AD in Windows for TikiWiki 3.1

Hi there,

I'm pretty new to TikiWiki, but I definitely like its features and its ease of use. Great job! Compared to MediaWiki for example.

I try to set up an interal wiki for collaboration in our support team. Our company uses Active Directory and of course I would like to use this for login.

I read through the instructions and came up with the following settings:


Host: our.AD.server
Port: 386
Search scope: Subtree
LDAP version: 3
Realname attribute: displayName
Country attribute:
E-mail attribute:
Base DN: DC=ACL,DC=com

LDAP User
User DN: OU=Technical Support,OU=Professional Services,OU=Common
User attribute: sAMAccountName
User OC: *

LDAP Group
Group DN:
Group attribute: cn
Group OC: groupOfUniqueNames

LDAP Member
Member attribute: uniqueMember
Member is DN: checked

LDAP Admin
Admin user: my_user_name

When I try then to connect with my user name, which works with the ADExplorer and other instances, I get an invalid password message.
The php message was

PHP (5.2.6) ERROR (E_WARNING):
File: C:\wamp\www\tikiwiki\lib\pear\Auth\Container\LDAP.php
Line: 593
Type: ldap_search() function.ldap-search: Search: Operations error

The binding seems to work as I tried to debug the LDAP.php and the string for ldap_search looks ok.

I use a WAMP Windows machine with Apache 2.2.10, PHP 5.2.6, MySQL 5.1.30 and TikiWiki 3.1

Any help would be highly appreciated, even suggestions to better debug this.
I'm also not an AD expert, so I just took the designated name from the ADExplorer for my user account and extracted the OU part. I assume this is the right path. Let me know otherwise.

Thanks,
Johannes

Problem solved:

I put for the LDAP Admin user my full email address like

firstname_last@yourdomain.com

The solved the issue and let me login to create a TikiWiki user from my LDAP.

Thanks for the help in the IRC from Marc and Email by Greg!


United States

Johannes, LDAP expects a DN in the username field. Your userPrincipalName will work as well for AD as it is unambiguous in AD. Simply specifying your id (i.e. gmartin)could be ambiguous.

Thanks for posting back

\\Greg


Upcoming Events

1)  18 Apr 2024 14:00 GMT-0000
Tiki Roundtable Meeting
2)  16 May 2024 14:00 GMT-0000
Tiki Roundtable Meeting
3)  20 Jun 2024 14:00 GMT-0000
Tiki Roundtable Meeting
4)  18 Jul 2024 14:00 GMT-0000
Tiki Roundtable Meeting
5)  15 Aug 2024 14:00 GMT-0000
Tiki Roundtable Meeting
6)  19 Sep 2024 14:00 GMT-0000
Tiki Roundtable Meeting
7) 
Tiki birthday
8)  17 Oct 2024 14:00 GMT-0000
Tiki Roundtable Meeting
9)  21 Nov 2024 14:00 GMT-0000
Tiki Roundtable Meeting
10)  19 Dec 2024 14:00 GMT-0000
Tiki Roundtable Meeting