Goal: authenticate users against Windows AD over the LDAP protocol
AD domain:
There is a webmaster user under Users
Log:
2011-08-01 19:38:13 wikidb: Entering validDomain
2011-08-01 19:38:13 wikidb: User is not using a valid domain.
2011-08-01 19:38:13 wikidb: Setting domain as: invaliddomain
2011-08-01 19:38:13 wikidb: Entering allowPasswordChange
2011-08-01 19:38:13 wikidb: Entering modifyUITemplate
2011-08-01 19:38:13 wikidb: Allowing the local domain, adding it to the list.
2011-08-01 19:38:47 wikidb: Entering validDomain
2011-08-01 19:38:47 wikidb: User is using a valid domain.
2011-08-01 19:38:47 wikidb: Setting domain as: tg
2011-08-01 19:38:47 wikidb: Entering getCanonicalName
2011-08-01 19:38:47 wikidb: Entering userExists
2011-08-01 19:38:47 wikidb:
2011-08-01 19:38:47 wikidb: Entering authenticate
2011-08-01 19:38:47 wikidb:
2011-08-01 19:38:47 wikidb: Entering Connect
2011-08-01 19:38:47 wikidb: Using TLS or not using encryption.
2011-08-01 19:38:47 wikidb: Using servers: ldap://l92.168.100.212
2011-08-01 19:38:47 wikidb: Using TLS
2011-08-01 19:38:47 wikidb: Failed to start TLS.
2011-08-01 19:38:47 wikidb: Connected successfully
2011-08-01 19:38:47 wikidb: Entering getSearchString
2011-08-01 19:38:47 wikidb: Doing a straight bind
2011-08-01 19:38:47 wikidb: userdn is: Webmaster,ou=Users,OU=TG,DC=tg,DC=com,DC=local
2011-08-01 19:38:47 wikidb:
2011-08-01 19:38:47 wikidb: Binding as the user
2011-08-01 19:38:47 wikidb: Failed to bind as Webmaster,ou=Users,OU=TG,DC=tg,DC=com,DC=local
2011-08-01 19:38:47 wikidb: Entering allowPasswordChange
2011-08-01 19:38:47 wikidb: Entering modifyUITemplate
2011-08-01 19:38:47 wikidb: Allowing the local domain, adding it to the list
Configuration file:
require_once( 'LdapAuthentication.php' );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDebug = 3;
$wgDebugLogGroups["ldap"] = "/tmp/debug.log" ;
$wgLDAPDomainNames = array( "tg" );
$wgLDAPServerNames = array( "tg"=>"l92.168.100.212");
$wgLDAPSearchStrings = array( "tg"=>"USER-NAME,ou=Users,OU=TG,DC=tg,DC=com,DC=local" );
$wgLDAPUseSSL = false;
$wgLDAPUseLocal = true;
$wgLDAPAddLDAPUsers = false;
$wgLDAPUpdateLDAP = false;
$wgLDAPMailPassword = false;
$wgLDAPRetrievePrefs = false;
$wgMinimalPasswordLength = 1;
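But authentication fails. From the log, it looks like $wgLDAPSearchStrings = array( "tg"=>"USER-NAME,ou=Users,OU=TG,DC=tg,DC=com,DC=local" );
is written incorrectly. I don't know how to change it and hope an expert can advise.
When I test with PHP, LDAP works normally. Test code: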
<?php
// using ldap bind
$ldaprdn = 'webmaster'; // ldap rdn or dn
$ldappass = 'QeeKawebmaster123'; // associated password
// connect to ldap server
$ldapconn = ldap_connect("tg.com.local")
    or die("Could not connect to LDAP server.");
if ($ldapconn) {
    // binding to ldap server
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
    // verify binding
    if ($ldapbind) {
        echo "LDAP bind successful...";
    } else {
        echo "LDAP bind failed...";
    }
}
?>
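Added example, not part of the original post and not code from the LdapAuthentication plugin: a small Python triage of the debug log above that flags a bind DN whose components are not in attribute=value form, a server host that ends in a number but is not a valid IPv4 address, and a bind attempted after StartTLS failed. The function names and finding codes are hypothetical, the checks are simplified, and the sample lines are copied from the log in the post.

```python
import ipaddress
import re

# Sample input: lines copied from the debug log quoted in the post.
SAMPLE_LOG = """\
2011-08-01 19:38:47 wikidb: Using servers: ldap://l92.168.100.212
2011-08-01 19:38:47 wikidb: Using TLS
2011-08-01 19:38:47 wikidb: Failed to start TLS.
2011-08-01 19:38:47 wikidb: Connected successfully
2011-08-01 19:38:47 wikidb: userdn is: Webmaster,ou=Users,OU=TG,DC=tg,DC=com,DC=local
2011-08-01 19:38:47 wikidb: Binding as the user
2011-08-01 19:38:47 wikidb: Failed to bind as Webmaster,ou=Users,OU=TG,DC=tg,DC=com,DC=local
"""

RDN = re.compile(r"[A-Za-z][A-Za-z0-9-]*=.+")  # attributeType=value (simplified RFC 4514)

def bad_rdns(dn):
    """Components of a DN that are not in attribute=value form."""
    return [p for p in re.split(r"(?<!\\),", dn) if not RDN.fullmatch(p.strip())]

def bad_host(url):
    """True if the host ends in a numeric label but is not a valid IPv4 address."""
    host = re.sub(r"^ldaps?://", "", url.strip()).split(":")[0]
    if not host.rsplit(".", 1)[-1].isdigit():
        return False  # ordinary DNS name; resolution is not checked here
    try:
        ipaddress.IPv4Address(host)
        return False
    except ValueError:
        return True

def triage(log):
    """Return (code, detail) findings for one plugin debug log."""
    findings, tls_failed = [], False
    for line in log.splitlines():
        msg = line.split(": ", 1)[-1]  # drop "date time wikidb" prefix
        if msg.startswith("Using servers: "):
            for url in msg[len("Using servers: "):].split():
                if bad_host(url):
                    findings.append(("bad-host", url))
        elif msg.startswith("Failed to start TLS"):
            tls_failed = True
        elif msg.startswith("userdn is: "):
            bad = bad_rdns(msg[len("userdn is: "):])
            if bad:
                findings.append(("malformed-dn", bad[0]))
        elif msg.startswith("Binding as") and tls_failed:
            findings.append(("bind-without-tls", "bind attempted after StartTLS failed"))
    return findings
```
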