• p.caton-outpost.coop

    (@pcaton-outpostcoop)


    I had successfully set up AD integration and have been using it for over a month now. Suddenly, it has stopped working.

    Here is the output of my tests:

    AD Integration Logon Test
    openLDAP installed

    [INFO] method authenticate() called
    [INFO] ——————————————
    PHP version: 5.4.24
    WP version: 4.2.1
    ADI version: 1.1.7
    OS Info : Windows NT FRY 6.2 build 9200 (Unknown Windows version Standard Edition) i586
    Web Server : cgi-fcgi
    adLDAP ver.: 3.3.2 EXTENDED (201302271401)
    ——————————————
    [INFO] LDAP paging: enabled
    [NOTICE] username: username
    [NOTICE] password: **not shown**
    [INFO] Options for adLDAP connection:
    – account_suffix: @outpost.coop
    – base_dn: DC=outpost,DC=coop
    – domain_controllers: domaincontroller1;domaincontroller2
    – ad_port: 389
    – use_tls: 1
    – network timeout: 5
    [INFO] Checking domain controller ports:
    [INFO] – domaincontroller1:389 – OK
    [INFO] – comaincontroller2:389 – OK
    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 3
    [INFO] users failed logins: 2
    [NOTICE] trying account suffix “@outpost.coop”
    [ERROR] Authentication failed
    [WARN] storing failed login for user “username”

    Logon failed

    Any idea what is wrong?

    Thank you.

    https://wordpress.org/plugins/active-directory-integration/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter p.caton-outpost.coop

    (@pcaton-outpostcoop)

    I think I know the problem. I installed a Certificate Authority on a domain controller in order to get AD integration working with a Sonicwall.

    So if I disable TLS, AD authentication works again.

    I see there is an FAQ on this:

    Is it possible to use TLS with a self-signed certificate on the AD server?

    Yes, this works. But you have to add the line TLS_REQCERT never to your ldap.conf on your web server. If you don’t already have one, create it. On Windows systems the path should be c:\openldap\sysconf\ldap.conf. Another and even simpler way is to add LDAPTLS_REQCERT=never to your environment settings.

    I am using WordPress on a Windows 2012 R2 server. I have created a folder/file in c:\openldap\sysconf\ldap.conf and added a line, LDAPTLS_REQCERT=never to this file. I then restarted IIS. Still isn’t working.

    Any other ideas?

    Thread Starter p.caton-outpost.coop

    (@pcaton-outpostcoop)

    First, I meant to say that I added TLS_REQCERT never to the ldap.conf file.

    Second, I restarted both the DCs and the WordPress server.

    TLS seems to be working again.


The topic ‘AD Integration Stopped Working’ is closed to new replies.
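
Added example (not part of the thread and not the plugin's code): a small checker for the TLS lines in an OpenLDAP `ldap.conf`. It flags the environment-variable form pasted into the file, as first happened above, and reports when `TLS_REQCERT` is set to a level that does not enforce the server certificate, which is what `never` does. The function name and the CA file path are assumptions made for illustration.

```python
import re

# TLS_REQCERT levels from ldap.conf(5); only demand/hard reject a bad certificate.
WEAK_LEVELS = {"never", "allow", "try"}
STRONG_LEVELS = {"demand", "hard"}

def audit_ldap_conf(text):
    """Return a list of (line_no, finding) for the TLS settings in ldap.conf text."""
    findings = []
    reqcert = None
    has_ca = False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Environment-variable form written into the file (the slip described in the thread).
        if re.match(r"(?i)^LDAP[A-Z_]+\s*=", line):
            findings.append((no, "env-var syntax in file; use 'OPTION value' form"))
            continue
        parts = line.split(None, 1)
        key = parts[0].upper()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "TLS_REQCERT":
            reqcert = value.lower()
            if reqcert in WEAK_LEVELS:
                findings.append((no, f"TLS_REQCERT {reqcert}: server certificate not enforced"))
            elif reqcert not in STRONG_LEVELS:
                findings.append((no, f"TLS_REQCERT {value!r}: unknown level"))
        elif key in ("TLS_CACERT", "TLS_CACERTDIR") and value:
            has_ca = True
    # Line 0 marks a file-level finding: verification is wanted but no CA is named here.
    if reqcert not in WEAK_LEVELS and not has_ca:
        findings.append((0, "no TLS_CACERT/TLS_CACERTDIR in this file to trust the AD CA"))
    return findings

# Constructed samples; the CA file path is a placeholder, not a value from the thread.
AS_FIRST_WRITTEN = "LDAPTLS_REQCERT=never\n"
AS_CORRECTED = "TLS_REQCERT never\n"
VERIFYING = "TLS_CACERT c:\\openldap\\sysconf\\example-ca.pem\nTLS_REQCERT demand\n"

if __name__ == "__main__":
    for name, conf in [("first", AS_FIRST_WRITTEN), ("corrected", AS_CORRECTED),
                       ("verifying", VERIFYING)]:
        print(name, audit_ldap_conf(conf))
```

The third sample shows the alternative to `never`: export the certificate of the CA installed on the domain controller, point `TLS_CACERT` at it, and keep `TLS_REQCERT demand` so the web server still verifies which server it is talking to.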