schakko
Forum Replies Created
-
The field
departmentNumberis – by default – not avavilable in the Global Catalog. If you have to use the GC because of other reasons, you have also make the attribute to be replicated in the AD.Hm, the obvious question is: Does the user you are trying to synchronize have the “departmentNumber” attribute filled? Even if we are both pretty sure that it is filled, can you check with ADSIEdit?
Have connected NADI to your AD’s LDAP port (389, 636) or to the Global Catalog (3268, 3269)?
You can try to var_dump-debug the code in
classes/Adi/User/Manager.php(https://github.com/NeosIT/active-directory-integration2/blob/c35e1389669eca9e77df373383472242e63e19b9/classes/Adi/User/Manager.php) line 458 with// that should contain "departmentnumber" => [...]: var_dump($ldapAttributes); // that should contain also "departmentnumber" => [type=>'list'] var_dump($attributeWhitelist); // that should also contain "departmentnumber" => [...] var_dump($filteredAttributes);- This reply was modified 3 years, 8 months ago by schakko.
@marco_b
Hey Marco, can you rename the attribute mapping from “departmentNumber” to “departmentnumber” (lower-case “n”) and check if it works?Can you elaborate on which WordPress field you are referring to? The “User Disabled” field seems to be coming from another plug-in.
Forum: Plugins
In reply to: [Next Active Directory Integration] Configuration Screen Greyed OutCan you check for any JavaScript errors by using your browser’s Web Developer console (usually, by pressing F12)?
Forum: Plugins
In reply to: [Next Active Directory Integration] Fatal errors on plugin installation@amilhub This seems to be an issue with the WordPress’ Redux framework and your SaaSland theme. NADI does not use the Redux framework, so this is not directly an issue of NADI.
I’d suggest you either ask for support from the SaaSland theme provider or purchase a support license at active-directory-wp.com so we can dig into this issue.
Forum: Plugins
In reply to: [Next Active Directory Integration] Help to debug auth errorPlease enable the debug.log and then check the timestamps of the Event Log entry with the entries inside the debug.log.
Maybe you have configured an account for “Sync to WP” and that one has an invalid/wrong password.
Forum: Plugins
In reply to: [Next Active Directory Integration] wordfence supportI’ve looked into it and added some hooks to make NADI compatible with Wordfence. You can use the new hooks
login_succeeded_create_redirect_uriandlogin_succeeded_exit_after_redirectin combination withauth_enable_login_checkto make the required logic work.
The new hooks are already available in thedevelopbranch and will be publicly available with the next release.Maybe we will add a small premium extension in the future.
- This reply was modified 4 years, 2 months ago by schakko.
Forum: Plugins
In reply to: [Next Active Directory Integration] Copy profilesHi Jonas,
if you have any PRs open, feel free to contribute at https://github.com/NeosIT/active-directory-integration2.Adding such a feature is not planned on our side. If you need those feature, you can contact us for an official offer.
Greetings,
Schakko@leonado
– Check your Apache’s/nginx/IIS error log for any issue
– If available, check your php-fpm errors
– Enable NADI’s debug.log (https://active-directory-wp.com/docs/Configuration/Logger.html) and check the debug.log for errors
– Before saving, press F12 in your browser. Then click the “Save” button. Check the server’s response for any issues like a non 2xx-HTTP status code or an invalid JSON responseForum: Plugins
In reply to: [Next Active Directory Integration] AD Account Lockout@bailz564
NADI is responsible for doing the authentication but there does nothing exist like an automatic login procedure.My 2nd guesses would be
– Some other plug-ins which are firing WordPress ‘wp_authenticate’ hook (which NADI is listening to)
– Browser plug-ins which are trying to re-authenticate (which triggers NADI’s authentication)Some further questions:
– Are there any other WordPress plug-ins installed which have to do with security-related topics?
– Do you have checked in which intervals (e.g. every 120 minutes) those re-authentications happen?
– Can you correlate the authentication with some HTTP requests (e.g. by comparing the timestamps with Apache’s access.log)?Forum: Plugins
In reply to: [Next Active Directory Integration] AD Account LockoutNADI itself does not store your password (aside from the required service accounts for Sync to WP/AD – which you are not using).
– Are you using some tools like Windows Live Writer which periodically logs in into WordPress/NADI?
– Does NADI’s debug.log shows any suspicious activity?Forum: Plugins
In reply to: [Next Active Directory Integration] AD Account LockoutHi @bailz564,
if your user’s account get locked, it might be due to the “Account Lockout Policy” of your Domain Controller’s GPO.
You can find the corresponding group policy below
Computer Configuration > Windows Settings > Security Settings > Account Policies >Account Lockout Policy.From NADI’s side, there is nothing we can do. You could either use a custom WordPress solution to prevent brute force logins or configure the corresponding GPO.
Forum: Plugins
In reply to: [Next Active Directory Integration] rror with login and test authentication@percoz78 You are right. The “Allow proxy address login” feature is affected by the issue. In the most of the cases you don’t need it.
Glad to hear, it is working now 🙂