Loading...
 

LDAP / Active directory


Ldap Login stopped working after Tiki update 12.2 to 16.2

Brazil
I had updated my tiki wiki from version 12.2 to 16.2, after that the login using ldap is not working anymore, i can login normally if i use the login tiki without ldap, i saw that the configuration from the previous version is still the same, nothing changed in the ldap tab in the administration control panel. When i try to login only give me page with HTTP ERROR 500. In the tiki-syslog.php only give me the message : UsersLib::_ldap_sync_and_update_lastlogin() . Any ideas what happened ? Thank you.
United States
I upgraded from Tiki V 15.3 to 16.2 and LDAP is not working. I'm running both versions side by side on the same server. Both versions have the same settings for LDAP yet the old version works and new does not.
Brazil
I upgraded to version 15.3 too, same thing, i lost my ldap authentication. It's like you do the upgrade, you lost the ldap authentication. Don't know what to do now.

United States
I too am stuck unable to login through LDAP using Tiki version 16.2. In my case it is a clean install and not an upgrade. From what I've seen the problem is related to a change in one of the php scripts. It has been hard to find posts specifically referencing version 16.x but this post about version 15.x is pretty much the exact problem around LDAP and getting an http 500 error. It seems a fix is available in the daily build and maybe they will put it in a version build sometime in the future? According to the post, it will resolve the issue, I'm just not familiar enough with Tiki Wiki yet to know what to do with this information.

United States

So following the steps outlined by albertgi in the Comments of this thread I was able to change the PEAR.php script. With that, combined with trial and error, I was able to get the authentication working. The other things I tried:
Make sure the suffix for the Admin user matches the Base DN of the LDAP Bind settings in the LDAP tab
Base DN: DC=corp,DC=domain,DC=com
Admin User: admin at corp.domain.com
Use this even if your users login with username at my-domain.com. The Base DN and user login suffix can be different, as long as the Base DN is pointing to where your user information is kept in AD.
For the Host under LDAP Bind Settings, I changed it to our domain controller. I had been pointing it to the Read-Only DC when it was not working. Not sure if this matters but could be worth a shot. I also left the Port blank and allowed it to use the default
Lastly I left Use an external LDAP server for groups unchecked. Some tutorials say check it others say uncheck.


Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.