WordPress.org

Ready to get started?Download WordPress

Forums

Active Directory Integration
Problem solved with LDAP service account authentication/password (1 post)

  1. MuzTheMan
    Member
    Posted 1 year ago #

    I had problem with authentication on LDAP server - I need to use a password to get access to LDAP info. However I managed to fix via the forums so I thought I would relay the fix...

    [INFO] method authenticate() called
    [INFO] ------------------------------------------
    PHP version: 5.3.3
    WP version: 3.5
    ADI version: 1.1.3
    OS Info : Linux ........................
    Web Server : apache2handler
    adLDAP ver.: 3.3.2 Extended (201104081456)
    ------------------------------------------
    [NOTICE] username: <username>
    [NOTICE] password: **not shown**
    [INFO] Options for adLDAP connection:
    - account_suffix:
    - base_dn: cn=<LDAP service account>,ou=application users,ou=applications,ou=intranet,dc=<company>,dc=com
    - domain_controllers: <tla>-ids.<company>.net
    - ad_port: 389
    - use_tls: 1
    - network timeout: 60
    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 3
    [INFO] users failed logins: 0
    [NOTICE] trying account suffix ""
    [ERROR] Authentication failed
    [WARN] storing failed login for user "<username>"

    The fix was as follows...
    /wordpress/wp-content/plugins/active-directory-integration/ad_ldap/adLDAP.php
    In ‘public function authenticate’ remove line...
    $this->_bind = @ldap_bind($this->_conn, $username . $this->_account_suffix, $password);

    Fix was described in WordPress forum by naima.shaikh - thanks Naima!
    http://wordpress.org/support/topic/plugin-active-directory-integration-version-090-published

    Furthermore I spent a lot of time tweaking Active Directory Integration Settings so I here is what worked for me...

    WordPress Active Directory Integration Settings
    Domain Controllers: <tla>-ids.<company>.net
    Port: 389
    Use TLS: Yes
    LDAP Network Timeout: 60 seconds
    Base DN: cn=<LDAP service account>,ou=application users,ou=applications,ou=intranet,dc=<company>,dc=com

    I can now log in to WordPress via LDAP but I do not get all the user info but hopefully this will be a trivial task and I'll just need to play with some switches...

    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 3
    [INFO] users failed logins: 0
    [NOTICE] trying account suffix ""
    [NOTICE] Authentication successfull for "<username>"
    [NOTICE] cleaning up failed logins for user "<username>"
    [DEBUG] ATTRIBUTES TO LOAD: Array
    (
    [0] => cn
    [1] => givenname
    [2] => sn
    [3] => displayname
    [4] => description
    [5] => mail
    [6] => samaccountname
    [7] => userprincipalname
    [8] => useraccountcontrol
    )

    [DEBUG] USERINFO[0]:

    [NOTICE] Updating user "<username>" with following data:
    - email :
    - first name :
    - last name :
    - display name : <username>
    - account suffix:
    - role :
    [NOTICE] - user_id : 2
    [DEBUG] cn is empty. Local value of meta key adi_cn left unchanged.
    [DEBUG] givenname is empty. Local value of meta key adi_givenname left unchanged.
    [DEBUG] sn is empty. Local value of meta key adi_sn left unchanged.
    [DEBUG] displayname is empty. Local value of meta key adi_displayname left unchanged.
    [DEBUG] description is empty. Local value of meta key adi_description left unchanged.
    [DEBUG] mail is empty. Local value of meta key adi_mail left unchanged.
    [DEBUG] samaccountname is empty. Local value of meta key adi_samaccountname left unchanged.
    [DEBUG] userprincipalname is empty. Local value of meta key adi_userprincipalname left unchanged.
    [DEBUG] useraccountcontrol is empty. Local value of meta key adi_useraccountcontrol left unchanged.
    [NOTICE] FINISHED

    User logged on.

    http://wordpress.org/extend/plugins/active-directory-integration/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic