Hi mdc_xwiki,
thank you for your answer.
i tried the openssl test. and it worked. It made a connections but as Returncoe i became: Verify return code: 20 (unable to get local issuer certificate).
Which is OK, the Openssl don´t know that it can trust the Certificate. This is while i set the Parameter “xwiki.authentication.ldap.ssl.keystore” in which the DC Certificate is present.
It tested it with the Dubug Level on “Trace” in the Config File. Same as before i became only the following related information in the Log:
- The provided user is null. We don’t try to authenticate, it probably means the user is in non logged mode
- XWikiUser: null
- Starting LDAP authentication
- LDAP authentication failed: LDAP not activ
- LDAP authentication failed for user [xwikiadtestuser]
Have you an Idea?
Because of the Error with Provided User is 0 here my complete XWIKI Config for LDAP:
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap.server=Example.com
#LDAP
#xwiki.authentication.ldap.port=389
#xwiki.authentication.ldap=1
#LDAPS
xwiki.authentication.ldap.ssl=1
xwiki.authentication.ldap.port=636
xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
xwiki.authentication.ldap.ssl.keystore=/data/xwiki/DC.keystore
xwiki.authentication.ldap.base_DN=dc=sub,dc=domain,dc=com
xwiki.authentication.ldap.bind_DN=sub\{0}
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.group_mapping=XWiki.Group=CN=User_IT,OU=User,OU=Groups,OU=Gru,OU=VBS,DC=sub,DC=domain,DC=com|\
For anyone that can help me, before LDAP in XWIKI makes me crazy --> Thank you very much.