No matter what I try, LDAP will not authenticate

We’re using a docker installation of XWiki.

I cannot get LDAP to work unless we use the paid Active Directory Application.

I have everything configured in /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg, restarted the docker instance, but logins will not authenticate through LDAP. Below is a section of our xwiki.cfg

#-# LDAP authentication service
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl

#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap=1

#-# Enable local accounts in addition to LDAP.
#-# Without this setting you will be unable to log into XWiki with local accounts.
#-# - 0: disable
#-# - 1: enable
#-# The default is 0
xwiki.authentication.ldap.trylocal=1

#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
#-# The default host is localhost
xwiki.authentication.ldap.server=OURLDAPSERVER
#-# The default port is 389 (636 if xwiki.authentication.ldap.ssl is enabled)
xwiki.authentication.ldap.port=389

#-# LDAP credentials, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the user name, {1} with the password
xwiki.authentication.ldap.bind_DN=CN=LDAP,OU=CompanyOU,DC=company,DC=local
xwiki.authentication.ldap.bind_pass=Test1234

#-# The Base DN used in LDAP searches
xwiki.authentication.ldap.base_DN=DC=company,DC=local

Hi there,

That’s good news for XWiki SAS (it shows they’ve done a good job of making it easier to use their extension ;)), and thus for the XWiki open source project since all they earn is put back in the development of XWiki! So why not pay for it and help participate to this open source project? :slight_smile: There are various ways to contribute : developing code is one but so is sponsoring the development of XWiki.

I’m no LDAP expert so I cannot help you on the tech side, sorry.

You might want to take a look at https://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/UseCases/#HActiveDirectory.