Hi there, I hope everyone is fine.
So, I have LDAP works fine in XWiki but I don’t have success to configure authentication by the group. I have made configuration on AD, creating a group, and adding users inside it. But I can’t authenticate with success.
DEBUG x.c.l.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode.
DEBUG o.x.c.l.XWikiLDAPConfig - remoteUserParser: null
DEBUG o.x.c.l.XWikiLDAPConfig - ldap_group_classes: [groupofnames, posixgroup, apple-group, groupofuniquenames, dynamicgroup, groupwisedistributionlist, group, dynamicgroupaux]
DEBUG o.x.c.l.XWikiLDAPConfig - ldap_group_memberfields: [uniquemember, memberuid, member]
DEBUG o.x.c.l.XWikiLDAPConnection - Connection to LDAP server [10.xxx.xxx.xx:389]
DEBUG o.x.c.l.XWikiLDAPConnection - Binding to LDAP server with credentials login=[cn=xwiki.usr,cn=Users,dc=xx,dc=xx,dc=xx]
DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Checking if the user belongs to the user group: cn=xwiki,ou=Groups,dc=xx,dc=xx,dc=xx
DEBUG o.x.c.l.XWikiLDAPUtils - Found cache entry for group [cn=xwiki,ou=Groups,dc=xx,dc=xx,dc=xx]
DEBUG o.x.c.l.XWikiLDAPUtils - Found group [cn=xwiki,ou=Groups,dc=xx,dc=xx,dc=xx] members [{}]
DEBUG o.x.c.l.XWikiLDAPUtils - Found user dn in user group [null]
DEBUG x.c.l.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed.
[info] com.xpn.xwiki.XWikiException: Error number 8001 in 8: LDAP user usrtest2 does not belong to LDAP group cn=xwiki,ou=Groups,dc=xx,dc=xxx,dc=xx.
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=10.xxx.xxx.xx
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=xx=AD,dc=xx,dc=xx
xwiki.authentication.ldap.user_group=cn=xwiki,ou=Groups,dc=xx,dc=xx,dc=xx
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.mode_group_sync=always