WordPress.org

Ready to get started?Download WordPress

Forums

Active Directory Integration
email address and user information not imported from AD (3 posts)

  1. mpinilla
    Member
    Posted 2 years ago #

    First time I log in to WordPress authentication works fine, my user accoount is created in WordPress, but the profile does not have email address or Name.
    Only information on the profile is the userid.
    Role shows correctly too.

    Running Test Tool this is what I got (all information from AD is empty):

    AD Integration Logon Test
    openLDAP installed
    [INFO] method authenticate() called
    [INFO] ------------------------------------------
    PHP version: 5.3.6
    WP version: 3.3.1
    ADI version: 1.1.3
    OS Info : Windows NT ICIWEB01 5.2 build 3790 (Windows Server 2003 Enterprise Edition Service Pack 1) i586
    Web Server : cgi-fcgi
    adLDAP ver.: 3.3.2 Extended (201104081456)
    ------------------------------------------
    [NOTICE] username: mpinilla
    [NOTICE] password: **not shown**
    [INFO] Options for adLDAP connection:
    - account_suffix: @ici
    - base_dn: "dc=Corp,dc=icihomes,dc=com"
    - domain_controllers: icihqdc01.corp.icihomes.com
    - ad_port: 389
    - use_tls: 0
    - network timeout: 5
    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 3
    [INFO] users failed logins: 0
    [NOTICE] trying account suffix "@ici"
    [NOTICE] Authentication successfull for "mpinilla@ici"
    [NOTICE] cleaning up failed logins for user "mpinilla"
    [DEBUG] ATTRIBUTES TO LOAD: Array
    (
    [0] => cn
    [1] => givenname
    [2] => sn
    [3] => displayname
    [4] => description
    [5] => mail
    [6] => samaccountname
    [7] => userprincipalname
    [8] => useraccountcontrol
    )

    [DEBUG] USERINFO[0]:

    [NOTICE] Creating user 'mpinilla' with following data:
    - email :
    - first name :
    - last name :
    - display name : mpinilla@ici
    - account suffix:
    - role :
    [DEBUG] Setting local password to the used for this login.
    [NOTICE] - user_id : 16
    [DEBUG] cn is empty. Local value of meta key adi_cn left unchanged.
    [DEBUG] givenname is empty. Local value of meta key adi_givenname left unchanged.
    [DEBUG] sn is empty. Local value of meta key adi_sn left unchanged.
    [DEBUG] displayname is empty. Local value of meta key adi_displayname left unchanged.
    [DEBUG] description is empty. Local value of meta key adi_description left unchanged.
    [DEBUG] mail is empty. Local value of meta key adi_mail left unchanged.
    [DEBUG] samaccountname is empty. Local value of meta key adi_samaccountname left unchanged.
    [DEBUG] userprincipalname is empty. Local value of meta key adi_userprincipalname left unchanged.
    [DEBUG] useraccountcontrol is empty. Local value of meta key adi_useraccountcontrol left unchanged.
    [NOTICE] FINISHED

    User logged on.

    http://wordpress.org/extend/plugins/active-directory-integration/

  2. glatze
    Member
    Plugin Author

    Posted 2 years ago #

    This is typical for problems with Base DN or Account Suffix.

    • Are "dc=Corp,dc=icihomes,dc=com" and "ici" really correct?
    • Have you tried "ici.local" (or whatever your domain FQDN is) and
    • another Base DN (e.g. "dc=icihomes,dc=com")?
  3. Max625
    Member
    Posted 2 years ago #

    Not sure if this applies to your issue but, I had problems with the DN, once I hacked in a few lines of code it worked.

    file: adLDAP.php, in the authenticate function

    /*$this->_bind = @ldap_bind($this->_conn, $username . $this->_account_suffix, $password); this doesn't work! it is missing the DN*/
    $this->_bind = @ldap_bind($this->_conn, 'uid='.$username.','.$this->_base_dn, $password); /*works*/

    file: adLDAP.php, in the user_info function

    if ($isGUID === true) {
                $username = $this->strguid2hex($username);
                $filter="objectguid=".$username;
            }
            else if (strstr($username, "@")) {
                 $filter="userPrincipalName=".$username;
            }
            else {
                 //$filter="samaccountname=".$username;
                 $filter="uid=".$username; /*fix*/
            }
            //$filter = "(&(objectCategory=person)({$filter}))";
            if ($fields===NULL){ $fields=array("samaccountname","mail","memberof","department","displayname","telephonenumber","primarygroupid","objectsid"); }
            if (!in_array("objectsid",$fields)){
                $fields[] = "objectsid";
            }

    This allowed the login to work, and brought in some info about the user.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic