Support » Plugin: Plugin Name: ldap_login_password_and_role_manager » Role management: "The user is not defined in the realm for this site."

  • Hello,

    As far as I’ve seen, this is the only LDAP plugin for WordPress which can support both TLS and role-mapping out of the box. Yay? Unfortunately, role assignment does not work. I’ve defined an arbitrary attribute that exists in my LDAP schemas (here, ‘associatedDomain’) which will be mapped to the Role Manager Attribute of the plugin. I have assigned the value ‘WP __ALL__ administrator’ to ‘associatedDomain’ for a user. Testing the credentials from the plugin settings page works, but warns that “The user is not defined in the realm for this site.” Logging in of course errors with “Login Error: Could not authenticate your credentials. Could be a realm violation.” I’ve also tried substituting __ALL__ for <server name of my WP vhost>, as well as adding a second value of ‘associatedDomain’ for this user. Still no. The attribute (actually, the entire ou with users) is readable by the bind DN. Same thing occurs regardless of the attribute I choose to be mapped.

    Removing the value for the Role Manager Attribute obviously allows for sign-in, but LDAP integration is all but pointless if there is no way to assign roles via LDAP.

    I’ve looked at the PHP and it seems sane, although I don’t understand why one uses the line $aa = explode(',', $a[1]) because $a[1] should be a single string which cannot have commas in it (either a domain name or __all__). I have been unable to get these arrays to print to a file for further investigation. Ideas?

    Thanks for the support!

    https://wordpress.org/plugins/ldap-login-password-and-role-manager/

Viewing 3 replies - 1 through 3 (of 3 total)
  • I’m also attempting the same thing, even with other plugins but have not been able to assign roles other than “users” and “administrators” – will update if I figure anything out.

    LDAP LRPM seems to just accept roles in the LDAP not attributes, I found this plugin that let’s you assign user roles based a group attribute and their value. Works seamlessly with WPFront User Role Editor.

    https://github.com/heiglandreas/authLdap

    Hope that helps

    I had what looks like the same issue and it took me a good whack on the head to figure it out.
    Change your attribute (in wordpress) to all lower case.
    I did a vardump on all the PHP variables and I saw that our camelcase attribute was pulled as all lower case. I updated the configuration and Bob’s your uncle.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Role management: "The user is not defined in the realm for this site."’ is closed to new replies.