kokel
Hello,
I have a problem with groupOfNames in ldap auth plugin with dokuwiki weatherwax.
LDAP:
Group Object:
dn: cn=wikiAdmins,ou=wiki,ou=groups,dc=example,dc=com
objectClass: top
objectClass: groupOfNames
cn: wikiAdmins
member: uid=tobias.hachmer,ou=users,dc=example,dc=com
User Entry:
dn: uid=tobias.hachmer,ou=users,dc=example,dc=com
structuralObjectClass: inetOrgPerson
memberOf: cn=wikiAdmins,ou=wiki,ou=groups,dc=example,dc=com
dokuwiki conf:
$conf['authtype'] = 'authldap';
$conf['passcrypt'] = 'ssha';
$conf['plugin']['authldap']['server'] = 'ldap://ldap.example.com:389';
$conf['plugin']['authldap']['usertree'] = 'ou=users,dc=example,dc=com';
$conf['plugin']['authldap']['grouptree'] = 'ou=wiki,ou=groups,dc=example,dc=com';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=person))';
$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=groupOfNames)(member=%{dn}))';
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['starttls'] = 1;
$conf['plugin']['authldap']['binddn'] = 'uid=wiki,ou=systems,dc=example,dc=com';
$conf['plugin']['authldap']['bindpw'] = 'pw';
$conf['plugin']['authldap']['groupkey'] = 'uid';
$conf['plugin']['authldap']['debug'] = 1;
I can't get the group stuff working. Authentication works fine but dokuwiki doesn't recognize ldap groups.
Running doku.php?do=check as authenticated ldap user gets this:
You are currently logged in as tobias.hachmer (Tobias Hachmer)
You are part of the groups user
The user group is not from ldap.
Please give me hint what I am doing wrong or to get this working.
Thanks,
Kokel
jeremybyu
I seriously dont know if this will help, but I'll give it a shot.
I tried forever to get LDAP to work but i never really could. So I ended up using the AD plugin. I got authentication to work, but I couldnt get all my groups to work. The basic built in groups worked like Domain Admin, but the ones that I made did not work. Then I realized the groups that I had were a different security group type. Mine were Security Group - Global, and theirs were Security Group- Domain Local. When I made groups that were of that type, it all started working. So I would check to see if other groups, like Domain Admin work.
The only problem I have now when I try to open user manager it says "authorisation method does not provide user counts".
kokel
Thanks for the reply.
But I get this working set the group key back to "cn" which is the default. I had set this to 'uid'.
Maybe the documentation could be more exact about the group key directive or name it to a better one like 'group rdn' e.g.
Regards,
Tobias Hachmer