schakko
Forum Replies Created
-
Please enable the debug log for further investigations.
You don need to omit the NETBIOS name from the REMOTE_USER variable. As soon as you have configured the NETBIOS name in NADI, the authentication will look up that profile by extracting the NETBIOS name from the REMOTE_USER variable.
Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER empty@theenforcer I’ve updated the documentation accordingly, thank you for the hint!
@sjones2701 I am closing this issue as you have confirmed that the REMOTE_USER variable is no longer empty.Just want to get back to you: try to disable the “Use proxy email address” option. There is a bug in it, introduced with a PR.
Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER empty@theenforcer Please check the PHP’s error log what error exactly occurs.
Also, if you have enabled the “Use Proxy email address”, try to disable it. There is a bug in it (https://wordpress.org/support/topic/call-to-a-member-function-findbyproxyaddress-on-null/).Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER emptyI am relatively sure that this is not a bug in NADI but something else.
wp_get_current_user would return null which var_dump() in return would also dump. So no issue there.@sjones2701 mentioned that he’s using IIS 10. Maybe this could be an (unknown to me atleast) issue.
Please enable the debug.log (https://active-directory-wp.com/docs/Configuration/Logger.html) and check it. There should be something like “Creating adLdap object failed”.
The reason for it could be a misconfigured TLS, wrong username/password for Sync to WordPress etc.To circumvent this issue, you can disable the checkbox “Allow proxy address login”.
Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER emptyYou can try to put
var_dump(wp_get_current_user());into Service.php before line 92 and check if it gets triggered. If not, SSO is not enabled. If yes, it should print the current detected user and SSO is working.
Without doing a debugging session (https://active-directory-wp.com/service-for-active-directory-and-wordpress/) I am out of ideas here.Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER emptyIf it does not trigger you have either SSO disabled or you are already logged in. What does
var_dump(wp_get_current_user());print?
- This reply was modified 5 years, 7 months ago by schakko.
Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER emptyI can only assume that some other plug-in removes or resets the REMOTE_USER variable. The code for extracting the remote user in NADI is pretty simple.
You can put a
var_dump($_SERVER);exit;in the first line of your /wordpress/index.php and check if the REMOTE_USER variable is available, then comment it out and put the code into /wordpress/wp-content/plugins/next-active-directory-integration/classes/Adi/Authentication/SingleSignOn/Service.php before line 92 (
$isUserLoggedIn = is_user_logged_in();) and check if the variable is empty or some other variable like X_REMOTE_USER is filled.Forum: Plugins
In reply to: [Next Active Directory Integration] var REMOTE_USER empty– In your second code example: How did you dump the $_SERVER variable? With var_dump($_SERVER)? Why is there a “GET” in front of it?
– Do you have a proxy in front of your webserver? This will change the environment variable.
– The other plug-in is installed in the *same* WordPress instance? What plug-in is it?Forum: Plugins
In reply to: [Next Active Directory Integration] Nadi SSO on IISDue to the complexity its hard to help remotely. You can get purchase a plan and then we can do a debugging session (https://active-directory-wp.com/service-for-active-directory-and-wordpress/).
Regarding the log out link: This is expected behavior. As soon as the user clicks on the log out link, he or she won’t be automatically logged in.
Forum: Plugins
In reply to: [Next Active Directory Integration] WPS Hide LoginHi @bcerny,
At the moment for custom login pages we actually don’t provide any UI to configure them nicely.
But you can write your own hook to register other pages than wp-login.php by using next_ad_int_register_form_login_services hook (see https://active-directory-wp.com/docs/API/Lifecycle.html)Greetings,
ChristopherForum: Plugins
In reply to: [Next Active Directory Integration] Login screen can be bypassedWhat do you mean by “login window”? The browser’s popup requesting your domain credentials, e.g. https://supportdesk.win911.com/support/solutions/articles/24000032823-how-to-stop-the-password-popup-in-internet-explorer-ie-authentication-setup?
If yes, this looks like a misconfiguration of your IIS authentication/authorization. If you click on “Cancel”, IIS should return an HTTP 403.
This typically happens if your IIS not correctly configured for NTLM or Kerberos. Please take a look at https://active-directory-wp.com/docs/Networking/Single_Sign_On/SSO_with_IIS_on_Windows.html for settin up the IIS.Forum: Plugins
In reply to: [Next Active Directory Integration] SSO Login blocked by CookieWhen being logged in through SSO (Kerberos/NTLM) and you manually log out, a cookie is set that the SSO login will be skipped.
This is expected behaviour – otherwise the logout function would not make any sense in an SSO environment 😉Forum: Plugins
In reply to: [Next Active Directory Integration] Recreate deleted userPlease check if the user_meta-table already contains entries for the GUID of the given user and delete the linked user.
But this seems more than an AD issue. Did you not just rename the user but also change his security groups and/or moved him to another OU?