Loading...
 

LDAP / Active directory


LDAP Configuration Problem

Germany

Hello,
we have a Microsoft Active Directory 2003 Server and i try to connect tikiwiki (Version: 9.6) to the ldap.
But I don’t have much success by the time. I got the following erromessage:
Error: Bind failed: Invalid credentials:LDAP_INVALID_CREDENTIALS at line 240 in /var/www/tikiwiki/lib/auth/ldap.php

I set the following LDAP Settings:
LDAP Bind Settings:
Host: 10.53.0.1
Port: 389
LDAP Bind Type: ActiveDirectory (User@Domain)
Search scope: Subree
LDAP Version: 3
Base DN: DC=XXX,DC=XXX
LDAP User:
User DN: OU=XXXX,OU=XXXX
User attribute: sAMAccountName
User OC: person
Realname attribute: displayName
Email attribute: userPrincipalName
LDAP Admin:
Admin User: CN=XXXX,OU=XXXX,dc=XXXX,dc=XXXX or administrator@DOMAIN
Admin Password: XXXXXX

I set the following LDAP Group Settings:
LDAP Bind Settings:
Host: 10.53.0.1
Port: 389
LDAP Bind Type: ActiveDirectory (User@Domain)
Search scope: Subree
LDAP Version: 3
Base DN: DC=XXX,DC=XXX
LDAP User:
User DN: OU=XXXX,OU=XXXX
User attribute: sAMAccountName
Corresponding user attribute in 1st directory: sAMAccountName
User OC: person
LDAP Group:
Group DN: OU=XXXX,OU=XXXX
Group name attribute: sAMAccountName
Group description attribute: description
Group OC: group
LDAP Group Member:
Member attribute: member
LDAP User Group:
Group attribute: memberOf
Group attribute in group entry: cn
LDAP Admin:
Admin User: CN=XXXX,OU=XXXX,dc=XXXX,dc=XXXX or administrator@DOMAIN
Admin Password: XXXXXX


A ldapsearch on the same server works fine:
ldapsearch -x -H ldap://10.53.0.1:389 -b ‘OU=XXXX,OU=XXXX,DC=XXXX,DC=XXXX’ -D “USER@DOMAIN” -W

Any ideas or suggestions?

greets

Steffen

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.