1- I set every properties in xwiki.config then it didnt work.
2- I installed Active Directory extension and set every properties at UI then ldap auth worked.
3- Then i cleared every properties in Active Directory extension page(UI). It still worked
4- After AD extension trial finished ldap auth doesn’t work.
Is Active Directory extension mandatory for ldap login ?
watery
February 28, 2023, 4:05pm
2
It is not: I’m running XWiki without it but still authenticating against an Active Directory instance.
Can you share the props you set in your config file (hiding any user / passwords of course)?
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap.server=xxx.xx.xxx.xxx
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=ou=Merkez,ou=Kullanicilar,ou=xxx,dc=xx,dc=local
xwiki.authentication.ldap.bind_DN=cn=xxxx,ou=ServiceAccounts,ou=xxx,dc=xxx,dc=local
xwiki.authentication.ldap.bind_pass=xxxxxx
xwiki.authentication.ldap.UID_attr=sAMAccountName
#xwiki .authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
watery
March 2, 2023, 10:31am
4
They look good to me, and are the same as mine except for xwiki.authentication.ldap.trylocal
, that I have set to 0.
Maybe the expired extensions needs to be uninstalled? I have no further ideas.
I’ve uninstalled expired extension. But it didnt work.
Also i set xwiki.authentication.ldap.trylocal =0 but still didn’t work.
could you share your installed extension and your xwiki’s release version
watery
March 2, 2023, 5:08pm
7
LDAP Authenticator 9.7.8 on XWiki 14.10.5 – but it has worked since my first install, which was 14.4.x IIRC
You should have a look at LDAP debug log https://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HEnableLDAPdebuglog
I uninstalled LDAP authenticator then installed again.
Now it works.
now my ldap configs:
xwiki/bin/admin/XWiki/XWikiPreferences?editor=globaladmin§ion=Authentication → enable auth
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap.server=xxx.xx.xxx.xxx
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=ou=xxx,ou=Kullanicilar,ou=xxx,dc=xxx,dc=local
xwiki.authentication.ldap.bind_DN=cn=xxx,ou=ServiceAccounts,ou=xxxx,dc=xxx,dc=local
xwiki.authentication.ldap.bind_pass=xxxxxx
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
my xwiki version: debian 14.10.2
installed extension:
ldap authenticator 9.7.8
ldap class lib. for java (installed as dependency)