This question about LDAP: Answered
LDAPConfig: LdapErr: DSID-0C090334 and Action "viewauth": authentication required
I've installed foswiki via windows installer ((
http://sourceforge.net/projects/foswiki/files/foswiki/1.0.8/Foswiki-1.0.8-1-strawberry.exe/download)) and everything seems to work fine.
Now I need to access the Wiki "via LDAP" credentials. Therefore in first step i downloaded the plugin "LDAPContrib".
After I configured the LDAP specific things my
LocalSite.cfg looks like:
# Local site settings for Foswiki. This file is managed by the 'configure'
# CGI script, though you can also make (careful!) manual changes with a
# text editor.
$Foswiki::cfg{DefaultUrlHost} = 'http://vm-server25.btexx.net';
$Foswiki::cfg{ScriptUrlPath} = '/foswiki/bin';
$Foswiki::cfg{PubUrlPath} = '/foswiki/pub';
$Foswiki::cfg{PubDir} = 'C:/Foswiki/Foswiki/pub';
$Foswiki::cfg{TemplateDir} = 'C:/Foswiki/Foswiki/templates';
$Foswiki::cfg{DataDir} = 'C:/Foswiki/Foswiki/data';
$Foswiki::cfg{LocalesDir} = 'C:/Foswiki/Foswiki/locale';
$Foswiki::cfg{WorkingDir} = 'C:/Foswiki/Foswiki/working';
$Foswiki::cfg{ScriptSuffix} = '';
$Foswiki::cfg{Password} = 'lhDY9it1lCqd2';
$Foswiki::cfg{UseClientSessions} = 1;
$Foswiki::cfg{Sessions}{ExpireAfter} = 21600;
$Foswiki::cfg{Sessions}{ExpireCookiesAfter} = 0;
$Foswiki::cfg{Sessions}{IDsInURLs} = 0;
$Foswiki::cfg{Sessions}{UseIPMatching} = 1;
$Foswiki::cfg{Sessions}{MapIP2SID} = 0;
$Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin';
$Foswiki::cfg{LoginNameFilterIn} = '^[^\\s\\*?~^\\$@%`"\'&;|<>\\x00-\\x1f]+$';
$Foswiki::cfg{DefaultUserLogin} = 'guest';
$Foswiki::cfg{DefaultUserWikiName} = 'FoswikiGuest';
$Foswiki::cfg{AdminUserWikiName} = 'FoswikiAdminGroup';
$Foswiki::cfg{AdminUserLogin} = 'admin';
$Foswiki::cfg{SuperAdminGroup} = 'FoswikiAdminGroup';
$Foswiki::cfg{UsersTopicName} = 'FoswikiUsers';
$Foswiki::cfg{AuthScripts} = 'attach,edit,manage,rename,save,upload,viewauth,rdiffauth';
$Foswiki::cfg{AuthRealm} = 'Enter your LoginName. (Typically First name and last name, no space, no dots, capitalized, e.g. JohnSmith, unless you chose otherwise). Visit FoswikiRegistration if you do not have one.';
$Foswiki::cfg{UserMappingManager} = 'Foswiki::Users::LdapUserMapping';
$Foswiki::cfg{Register}{EnableNewUserRegistration} = 1;
$Foswiki::cfg{Register}{HidePasswd} = 1;
$Foswiki::cfg{Register}{NeedVerification} = 0;
$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::LdapPasswdUser';
$Foswiki::cfg{MinPasswordLength} = 1;
$Foswiki::cfg{Htpasswd}{FileName} = 'C:/Foswiki/Foswiki/data/.htpasswd';
$Foswiki::cfg{Htpasswd}{Encoding} = 'crypt';
$Foswiki::cfg{SafeEnvPath} = 'C:\\WINDOWS\\system32;C:\\WINDOWS;C:\\WINDOWS\\System32\\Wbem;C:\\strawberry\\c\\bin;C:\\strawberry\\perl\\bin';
$Foswiki::cfg{OS} = 'WINDOWS';
$Foswiki::cfg{DetailedOS} = 'MSWin32';
$Foswiki::cfg{DenyDotDotInclude} = 1;
$Foswiki::cfg{AllowInlineScript} = 1;
$Foswiki::cfg{UploadFilter} = '^( [[file://\\.htaccess|.*\\.(?i)(?:php[0-9s]?(\\..*)?|[sp]htm[l]?(\\..*)?|pl|py|cgi))$'][ \\.htaccess|.*\\.(?i)(?:php[0-9s]?(\\..*)?|[sp]htm[l]?(\\..*)?|pl|py|cgi))$' ]];
$Foswiki::cfg{NameFilter} = '[\\s\\*?^\\$@%`"\'&;|<>\\x00-\\x1f]';
$Foswiki::cfg{AccessibleENV} = '^(HTTP_\\w+|REMOTE_\\w+|SERVER_\\w+|REQUEST_\\w+|MOD_PERL)$';
$Foswiki::cfg{AntiSpam}{EmailPadding} = '';
$Foswiki::cfg{AntiSpam}{HideUserDetails} = 1;
$Foswiki::cfg{AntiSpam}{RobotsAreWelcome} = 1;
$Foswiki::cfg{Log}{view} = 1;
$Foswiki::cfg{Log}{search} = 1;
$Foswiki::cfg{Log}{changes} = 1;
$Foswiki::cfg{Log}{rdiff} = 1;
$Foswiki::cfg{Log}{edit} = 1;
$Foswiki::cfg{Log}{save} = 1;
$Foswiki::cfg{Log}{upload} = 1;
$Foswiki::cfg{Log}{attach} = 1;
$Foswiki::cfg{Log}{rename} = 1;
$Foswiki::cfg{Log}{register} = 1;
$Foswiki::cfg{ConfigurationLogName} = 'C:/Foswiki/Foswiki/data/configurationlog.txt';
$Foswiki::cfg{DebugFileName} = 'C:/Foswiki/Foswiki/data/debug.txt';
$Foswiki::cfg{WarningFileName} = 'C:/Foswiki/Foswiki/data/warn28 Nov 2024.txt';
$Foswiki::cfg{LogFileName} = 'C:/Foswiki/Foswiki/data/log28 Nov 2024.txt';
$Foswiki::cfg{Languages}{cs}{Enabled} = 1;
$Foswiki::cfg{Languages}{da}{Enabled} = 1;
$Foswiki::cfg{Languages}{de}{Enabled} = 1;
$Foswiki::cfg{Languages}{es}{Enabled} = 1;
$Foswiki::cfg{Languages}{fr}{Enabled} = 1;
$Foswiki::cfg{Languages}{it}{Enabled} = 1;
$Foswiki::cfg{Languages}{nl}{Enabled} = 1;
$Foswiki::cfg{Languages}{pl}{Enabled} = 1;
$Foswiki::cfg{Languages}{pt}{Enabled} = 1;
$Foswiki::cfg{Languages}{ru}{Enabled} = 1;
$Foswiki::cfg{Languages}{sv}{Enabled} = 1;
$Foswiki::cfg{Languages}{'zh-cn'}{Enabled} = 1;
$Foswiki::cfg{Languages}{'zh-tw'}{Enabled} = 1;
$Foswiki::cfg{DisplayTimeValues} = 'gmtime';
$Foswiki::cfg{DefaultDateFormat} = '$day $month $year';
$Foswiki::cfg{Site}{Locale} = 'en_US.ISO-8859-1';
$Foswiki::cfg{Site}{LocaleRegexes} = 1;
$Foswiki::cfg{UpperNational} = '';
$Foswiki::cfg{LowerNational} = '';
$Foswiki::cfg{PluralToSingular} = 1;
$Foswiki::cfg{StoreImpl} = 'RcsLite';
$Foswiki::cfg{RCS}{ExtOption} = '-x,v';
$Foswiki::cfg{RCS}{dirPermission} = 493;
$Foswiki::cfg{RCS}{filePermission} = 420;
$Foswiki::cfg{Store}{RememberChangesFor} = 2678400;
$Foswiki::cfg{RCS}{asciiFileSuffixes} = '\\.(txt|html|xml|pl)$';
$Foswiki::cfg{RCS}{initBinaryCmd} = '/usr/bin/rcs -i -t-none -kb %FILENAME|F%';
$Foswiki::cfg{RCS}{initTextCmd} = '/usr/bin/rcs -i -t-none -ko %FILENAME|F%';
$Foswiki::cfg{RCS}{tmpBinaryCmd} = '/usr/bin/rcs -kb %FILENAME|F%';
$Foswiki::cfg{RCS}{ciCmd} = '/usr/bin/ci -m%COMMENT|U% -t-none -w%USERNAME|S% -u %FILENAME|F%';
$Foswiki::cfg{RCS}{ciDateCmd} = '/usr/bin/ci -m%COMMENT|U% -t-none -d%DATE|D% -u -w%USERNAME|S% %FILENAME|F%';
$Foswiki::cfg{RCS}{coCmd} = '/usr/bin/co -p%REVISION|N% -ko %FILENAME|F%';
$Foswiki::cfg{RCS}{histCmd} = '/usr/bin/rlog -h %FILENAME|F%';
$Foswiki::cfg{RCS}{infoCmd} = '/usr/bin/rlog -r%REVISION|N% %FILENAME|F%';
$Foswiki::cfg{RCS}{rlogDateCmd} = '/usr/bin/rlog -d%DATE|D% %FILENAME|F%';
$Foswiki::cfg{RCS}{diffCmd} = '/usr/bin/rcsdiff -q -w -B -r%REVISION1|N% -r%REVISION2|N% -ko --unified=%CONTEXT|N% %FILENAME|F%';
$Foswiki::cfg{RCS}{lockCmd} = '/usr/bin/rcs -l %FILENAME|F%';
$Foswiki::cfg{RCS}{unlockCmd} = '/usr/bin/rcs -u %FILENAME|F%';
$Foswiki::cfg{RCS}{breaklockCmd} = '/usr/bin/rcs -u -M %FILENAME|F%';
$Foswiki::cfg{RCS}{delRevCmd} = '/usr/bin/rcs -o%REVISION|N% %FILENAME|F%';
$Foswiki::cfg{RCS}{SearchAlgorithm} = 'Foswiki::Store::SearchAlgorithms::PurePerl';
$Foswiki::cfg{RCS}{EgrepCmd} = 'c:/PROGRA~1/GnuWin32/bin/grep -E %CS{|-i}% %DET{|-l}% -H -- %TOKEN|U% %FILES|F%';
$Foswiki::cfg{RCS}{FgrepCmd} = 'c:/PROGRA~1/GnuWin32/bin/grep -F %CS{|-i}% %DET{|-l}% -H -- %TOKEN|U% %FILES|F%';
$Foswiki::cfg{EnableHierarchicalWebs} = 0;
$Foswiki::cfg{SystemWebName} = 'System';
$Foswiki::cfg{TrashWebName} = 'Trash';
$Foswiki::cfg{UsersWebName} = 'Main';
$Foswiki::cfg{WebMasterEmail} = 'it-concept@btexx.de' ;
$Foswiki::cfg{WebMasterName} = 'Foswiki Administrator';
$Foswiki::cfg{MailProgram} = '';
$Foswiki::cfg{SMTP}{MAILHOST} = 'mail.btexx.net';
$Foswiki::cfg{SMTP}{SENDERHOST} = '';
$Foswiki::cfg{SMTP}{Username} = '';
$Foswiki::cfg{SMTP}{Password} = '';
$Foswiki::cfg{RemoveImgInMailnotify} = 1;
$Foswiki::cfg{NotifyTopicName} = 'WebNotify';
$Foswiki::cfg{SMTP}{Debug} = 0;
$Foswiki::cfg{PROXY}{HOST} = '';
$Foswiki::cfg{PROXY}{PORT} = '';
$Foswiki::cfg{Stats}{TopViews} = 10;
$Foswiki::cfg{Stats}{TopContrib} = 10;
$Foswiki::cfg{Stats}{TopicName} = 'WebStatistics';
$Foswiki::cfg{TemplatePath} = 'C:/Foswiki/Foswiki/templates/$web/$name.$skin.tmpl, C:/Foswiki/Foswiki/templates/$name.$skin.tmpl, C:/Foswiki/Foswiki/templates/$web/$name.tmpl, C:/Foswiki/Foswiki/templates/$name.tmpl, $web.$skinSkin$nameTemplate, System.$skinSkin$nameTemplate, $web.$nameTemplate, System.$nameTemplate';
$Foswiki::cfg{LinkProtocolPattern} = '(file|ftp|gopher|https|http|irc|mailto|news|nntp|telnet)';
$Foswiki::cfg{NumberOfRevisions} = 4;
$Foswiki::cfg{ReplaceIfEditedAgainWithin} = 3600;
$Foswiki::cfg{LeaseLength} = 3600;
$Foswiki::cfg{LeaseLengthLessForceful} = 3600;
$Foswiki::cfg{MimeTypesFileName} = 'C:/Foswiki/Foswiki/data/mime.types';
$Foswiki::cfg{Plugins}{CommentPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{EditTablePlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{InterwikiPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{PreferencesPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{SlideShowPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{SmiliesPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{SpreadSheetPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{TablePlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{TwistyPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{TinyMCEPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{WysiwygPlugin}{Enabled} = 1;
$Foswiki::cfg{PluginsOrder} = 'TWikiCompatibilityPlugin,SpreadSheetPlugin';
$Foswiki::cfg{MailerContrib}{EmailFilterIn} = '';
$Foswiki::cfg{Languages}{bg}{Enabled} = 1;
$Foswiki::cfg{Languages}{jp}{Enabled} = 1;
$Foswiki::cfg{Site}{CharSet} = 'iso-8859-15';
$Foswiki::cfg{Site}{Lang} = 'en';
$Foswiki::cfg{Site}{FullLang} = 'en-us';
$Foswiki::cfg{PermittedRedirectHostUrls} = 'http://vm-server25.btexx.net';
$Foswiki::cfg{EnableEmail} = 1;
$Foswiki::cfg{Validation}{Method} = 'strikeone';
$Foswiki::cfg{Validation}{ValidForTime} = 3600;
$Foswiki::cfg{Validation}{MaxKeysPerSession} = 1000;
$Foswiki::cfg{Validation}{ExpireKeyOnUse} = 1;
$Foswiki::cfg{TemplateLogin}{PreventBrowserRememberingPassword} = 0;
$Foswiki::cfg{Register}{RegistrationAgentWikiName} = 'RegistrationAgent';
$Foswiki::cfg{Log}{Implementation} = 'Foswiki::Logger::PlainFile';
$Foswiki::cfg{Languages}{ja}{Enabled} = 1;
$Foswiki::cfg{RCS}{QueryAlgorithm} = 'Foswiki::Store::QueryAlgorithms::BruteForce';
$Foswiki::cfg{SiteWebTopicName} = '';
$Foswiki::cfg{SitePrefsTopicName} = 'DefaultPreferences';
$Foswiki::cfg{LocalSitePreferences} = 'Main.SitePreferences';
$Foswiki::cfg{HomeTopicName} = 'WebHome';
$Foswiki::cfg{WebPrefsTopicName} = 'WebPreferences';
$Foswiki::cfg{Operators}{Query} = [
'Foswiki::Query::OP_and',
'Foswiki::Query::OP_eq',
'Foswiki::Query::OP_lc',
'Foswiki::Query::OP_lte',
'Foswiki::Query::OP_not',
'Foswiki::Query::OP_ref',
'Foswiki::Query::OP_d2n',
'Foswiki::Query::OP_gte',
'Foswiki::Query::OP_length',
'Foswiki::Query::OP_lt',
'Foswiki::Query::OP_ob',
'Foswiki::Query::OP_uc',
'Foswiki::Query::OP_dot',
'Foswiki::Query::OP_gt',
'Foswiki::Query::OP_like',
'Foswiki::Query::OP_ne',
'Foswiki::Query::OP_or',
'Foswiki::Query::OP_where'
];
$Foswiki::cfg{Operators}{If} = [
'Foswiki::If::OP_allows',
'Foswiki::If::OP_defined',
'Foswiki::If::OP_isempty',
'Foswiki::If::OP_ingroup',
'Foswiki::If::OP_isweb',
'Foswiki::If::OP_context',
'Foswiki::If::OP_dollar',
'Foswiki::If::OP_istopic'
];
$Foswiki::cfg{Plugins}{CommentPlugin}{Module} = 'Foswiki::Plugins::CommentPlugin';
$Foswiki::cfg{Plugins}{EditTablePlugin}{Module} = 'Foswiki::Plugins::EditTablePlugin';
$Foswiki::cfg{Plugins}{EmptyPlugin}{Module} = 'Foswiki::Plugins::EmptyPlugin';
$Foswiki::cfg{Plugins}{InterwikiPlugin}{Module} = 'Foswiki::Plugins::InterwikiPlugin';
$Foswiki::cfg{Plugins}{PreferencesPlugin}{Module} = 'Foswiki::Plugins::PreferencesPlugin';
$Foswiki::cfg{Plugins}{RenderListPlugin}{Module} = 'Foswiki::Plugins::RenderListPlugin';
$Foswiki::cfg{Plugins}{SlideShowPlugin}{Module} = 'Foswiki::Plugins::SlideShowPlugin';
$Foswiki::cfg{Plugins}{SmiliesPlugin}{Module} = 'Foswiki::Plugins::SmiliesPlugin';
$Foswiki::cfg{Plugins}{SpreadSheetPlugin}{Module} = 'Foswiki::Plugins::SpreadSheetPlugin';
$Foswiki::cfg{Plugins}{TablePlugin}{Module} = 'Foswiki::Plugins::TablePlugin';
$Foswiki::cfg{Plugins}{TinyMCEPlugin}{Module} = 'Foswiki::Plugins::TinyMCEPlugin';
$Foswiki::cfg{Plugins}{TWikiCompatibilityPlugin}{Enabled} = 1;
$Foswiki::cfg{Plugins}{TWikiCompatibilityPlugin}{Module} = 'Foswiki::Plugins::TWikiCompatibilityPlugin';
$Foswiki::cfg{Plugins}{TwistyPlugin}{Module} = 'Foswiki::Plugins::TwistyPlugin';
$Foswiki::cfg{Plugins}{WysiwygPlugin}{Module} = 'Foswiki::Plugins::WysiwygPlugin';
$Foswiki::cfg{Plugins}{WebSearchPath} = 'System,TWiki';
$Foswiki::cfg{ExtensionsRepositories} = 'Foswiki.org=( http://foswiki.org/Extensions/,http://foswiki.org/pub/Extensions/)' ;
$Foswiki::cfg{Plugins}{TWikiCompatibilityPlugin}{TWikiWebTopicNameConversion} = {
'TWikiFAQ' => 'FrequentlyAskedQuestions',
'TWikiCss' => 'CascadingStyleSheets',
'TWikiGlossary' => 'GlossaryOfTerms',
'TWikiLogos' => 'ProjectLogos',
'TWikiRegistration' => 'UserRegistration',
'TWikiReleaseNotes04x01' => '_remove_',
'TWikiSkinBrowser' => 'SkinBrowser',
'TWikiContributor' => 'ProjectContributor',
'TWikiSkins' => 'Skins',
'TWikiReleaseNotes04x00' => '_remove_',
'TWikiUserMappingContrib' => 'TopicUserMappingContrib',
'TWikiDownload' => 'DownloadSources',
'TWikiMetaData' => 'MetaData',
'TWikiUserAuthentication' => 'UserAuthentication',
'TWikiPreferences' => 'DefaultPreferences',
'TWikiScripts' => 'CommandAndCGIScripts',
'TWikiSiteTools' => 'SiteTools',
'TWikiReleaseNotes04x02' => 'ReleaseNotes01x00',
'ATasteOfTWiki' => 'BeginnersStartHere',
'TWikiUpgradeGuide' => 'UpgradeGuide',
'TWikiContribs' => 'Contribs',
'TWikiTutorial' => 'TwentyMinuteTutorial',
'TWikiUsersGuide' => 'UsersGuide',
'TWikiEditingShorthand' => 'EditingShorthand',
'TWikiDocumentation' => 'CompleteDocumentation',
'TWikiRegistrationAgent' => 'RegistrationAgent',
'TWikiReferenceManual' => 'ReferenceManual',
'TWikiEnhancementRequests' => 'EnhancementRequests',
'TWikiSite' => '_remove_',
'TWikiTopics' => 'TopicsAndWebs',
'TWikiAccessControl' => 'AccessControl',
'TWikiJavascripts' => 'JavascriptFiles',
'TWikiForms' => 'DataForms',
'TWikiSystemRequirements' => 'SystemRequirements',
'TWikiFaqTemplate' => 'FaqTemplate',
'TWikiTemplates' => 'TemplateTopics',
'TWikiRenderingShortcut' => 'RenderingShortcut',
'WhatDoesTWikiStandFor' => '_remove_',
'TWikiVariables' => 'Macros',
'TWikiPlannedFeatures' => '_remove_',
'TWikiVariablesQuickStart' => 'MacrosQuickStart',
'TWikiPlugins' => 'Plugins',
'TWikiUsersTemplate' => 'UsersTemplate',
'TWikiShorthand' => 'ShortHand',
'TWikiHistory' => 'ReleaseHistory',
'TWikiAddOns' => 'ContributedAddOns',
'TWikiInstallationGuide' => 'InstallationGuide',
'TWikiDocGraphics' => 'DocumentGraphics',
'TWikiWebsTable' => 'WebsTable',
'TWikiUserSetting' => 'UserSetting'
};
$Foswiki::cfg{Plugins}{TWikiCompatibilityPlugin}{MainWebTopicNameConversion} = {
'TWikiPreferences' => 'SitePreferences',
'TWikiGuest' => 'WikiGuest',
'TWikiRegistrationAgent' => 'RegistrationAgent',
'TWikiUsers' => 'WikiUsers',
'TWikiAdminGroup' => 'AdminGroup',
'TWikiAdminUser' => 'AdminUser',
'TWikiContributor' => 'ProjectContributor',
'TWikiGroupTemplate' => 'GroupTemplate',
'TWikiGroups' => 'WikiGroups'
};
$Foswiki::cfg{Plugins}{TWikiCompatibilityPlugin}{WebSearchPath} = {
'System' => 'TWiki',
'TWiki' => 'System'
};
$Foswiki::cfg{Ldap}{Host} = 'ldap.btexx.net';
$Foswiki::cfg{Ldap}{Port} = 389;
$Foswiki::cfg{Ldap}{Version} = 3;
$Foswiki::cfg{Ldap}{Base} = 'dc=btexx,dc=de';
$Foswiki::cfg{Ldap}{BindDN} = 'cn=ldapconnect,ou=Spezialuser,ou=corporatedirectory,ou=btexx,dc=btexx,dc=de';
$Foswiki::cfg{Ldap}{BindPassword} = 'BTXads.';
$Foswiki::cfg{Ldap}{UseSASL} = 0;
$Foswiki::cfg{Ldap}{SASLMechanism} = 'PLAIN CRAM-MD5 EXTERNAL ANONYMOUS';
$Foswiki::cfg{Ldap}{UseTLS} = 0;
$Foswiki::cfg{Ldap}{TLSSSLVersion} = 'tlsv1';
$Foswiki::cfg{Ldap}{TLSVerify} = 'require';
$Foswiki::cfg{Ldap}{TLSCAPath} = '';
$Foswiki::cfg{Ldap}{TLSCAFile} = '';
$Foswiki::cfg{Ldap}{TLSClientCert} = '';
$Foswiki::cfg{Ldap}{TLSClientKey} = '';
$Foswiki::cfg{Ldap}{Debug} = 1;
$Foswiki::cfg{Ldap}{UserBase} = 'dc=btexx,dc=de';
$Foswiki::cfg{Ldap}{LoginFilter} = 'objectClass=person';
$Foswiki::cfg{Ldap}{UserScope} = 'sub';
$Foswiki::cfg{Ldap}{LoginAttribute} = 'sAMAccountName';
$Foswiki::cfg{Ldap}{WikiNameAttribute} = 'givenName, sn';
$Foswiki::cfg{Ldap}{NormalizeWikiNames} = 1;
$Foswiki::cfg{Ldap}{NormalizeLoginNames} = 0;
$Foswiki::cfg{Ldap}{WikiNameAliases} = '';
$Foswiki::cfg{Ldap}{AllowChangePassword} = 0;
$Foswiki::cfg{Ldap}{SecondaryPasswordManager} = 'Foswiki::Users::HtPasswdUser';
$Foswiki::cfg{Ldap}{GroupBase} = 'dc=btexx,dc=de';
$Foswiki::cfg{Ldap}{GroupFilter} = 'objectClass=group';
$Foswiki::cfg{Ldap}{GroupScope} = 'sub';
$Foswiki::cfg{Ldap}{GroupAttribute} = 'cn';
$Foswiki::cfg{Ldap}{PrimaryGroupAttribute} = 'gidNumber';
$Foswiki::cfg{Ldap}{MemberAttribute} = 'memberUid';
$Foswiki::cfg{Ldap}{InnerGroupAttribute} = 'memberUid';
$Foswiki::cfg{Ldap}{MemberIndirection} = 0;
$Foswiki::cfg{Ldap}{WikiGroupsBackoff} = 1;
$Foswiki::cfg{Ldap}{NormalizeGroupNames} = 0;
$Foswiki::cfg{Ldap}{MapGroups} = 1;
$Foswiki::cfg{Ldap}{RewriteGroups} = {};
$Foswiki::cfg{Ldap}{RewriteWikiNames} = {};
$Foswiki::cfg{Ldap}{MergeGroups} = 0;
$Foswiki::cfg{Ldap}{MaxCacheAge} = 86400;
$Foswiki::cfg{Ldap}{Precache} = 1;
$Foswiki::cfg{Ldap}{PageSize} = 500;
$Foswiki::cfg{Ldap}{Exclude} = 'WikiGuest, ProjectContributor, RegistrationAgent, UnknownUser, AdminGroup, NobodyGroup';
1;
Unfortunately I have (at least) two problems, I can not solve:
1) If I click on Login (Lgon In or Register) I see the following information
Access check on Main failed. Action "viewauth": authentication required.
This may mean, that I am not authorised to see the page (?) How can I authorize users which want to log in to see this page?
In ideal case I would be able to have something like SingleSignOn so login at least is not neccessary.
But for the first step it would be o.k. to see the login dialog instead of the above error.
2) I see several log entries in my apache error.log
_WARNING: error refeshing the user cache: 49: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece, referer: http://mycompany.xx.de/foswiki/bin/view/Main/WebHome _
_[Wed Mar 31 20:42:20 2010] [error] [client 10.211.0.5] - LdapContrib - updating cache done, referer: http://mycompany.xx.de/foswiki/bin/view/Main/WebHome _
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - cacheAge=9999999999, maxCacheAge=86400, lastUpdate=0, refresh=1
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - updating cache
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - called search(filter=objectClass=user, base=ou=mycompany,dc=mycompany,dc=de, scope=sub, limit=0, attrs=sAMAccountName,mail,gidNumber,givenName,sn)
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - 49: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - failed to bind
[Wed Mar 31 20:44:00 2010] [error] [client 10.211.0.5] - LdapContrib - error in search: 49: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
seems that ldap authentiction is not working at all (?) Perhaps this is also the cause for the first error?
Can anybody please give any hint to me. I have the chance to establish foswiki in our company but the LDAP configuration is one of the MUST critrias....
further information
If I change back LoginManager in Foswiki configuration to "TemplateLogin" the Login Dialog appears. If I try to login with my windows account I get "oops: we could not recognize you. Try again or ...". I think this authentication has nothing to do with ldap (or does it?)
Thank you in advance for any help, -- ChristineSpietz - 06 Apr 2010
For BindDN I use "
[email protected]". That is worth a try, the same error you get is mentioned in the forums at the
ldapadministrator support forums. I have ldap with TemplateLogin and that works correct. I used a simple ldap browser app to verify that binding and browsing the AD domain worked.
--
LarsEik - 06 Apr 2010
I've tried to find the same error in the ldapadministrator support forum but I can't find it. May you please give me the link or tell me the topic to find the message? Repsonses to my search always were like this:
No posts were found because the word ldapcontrib is not contained in any post.
No posts were found because the word dsid-0c090334 is not contained in any post.
Also I do not really know what you mean with "for BindDN I use [email protected]". sorry for that, but I never worked with ldap nor foswiki. So can you please explain this in more detail? Is this a configuration entry?
-- ChristineSpietz - 07 Apr 2010
Here is the forum. There is another way of specifying the username to bind to AD with. You have used the DN type (distinguished name), like cn=user,ou=folder, dc=mycompany... Another way is to use the UPN (user principal name) which is like an email address (but it's not an email unless extra config is done), try:
[email protected]
I have managed to AD auth for our domain like that myself. There's probably a better explanation somewhere, or even it might be another problem that you have. Anywas, the very error code you get means that the user was not found while trying to bind. And if the user really is where specified I think that means that AD don't respond to the ldap request for authentication but will respond to
[email protected] because it then uses kerberos (or something).
--
LarsEik - 07 Apr 2010
Thanks a lot for the hints. I solved the ldap authentication issue with the configuration of {Ldap}{BindDN} to
ldapconnect@btexx.de. Now I can authenticate to the wiki via LDAP
Currently the
LoginManager configuration is on
TemplateLogin. If I switch it to
LdapApacheLogin I still see the error message "Access check on
Main failed. Action "viewauth": authentication required." after click to Login. I think I need the
LdapApacheLogin if I want to use
SingleSignOn, but I'am not sure about that. Does anybody know how to configure the SSO or how to solve the mentioned error?
--
ChristineSpietz - 07 Apr 2010
Hum, first I've changed the title of this topic so it doesn't break the search results.
Second, it seems most of this is answered. Christine, if you need some more support, I guess you should open a new question. Also, reading the thread, it seems you're trying to do SSO by configuring
LdapContrib. That's not possible. Have you read
Ldap contrib and SSO? You have to configure your apache server to do the authentication, and then use
LdapContrib to map this back to something Foswiki can understand.
I'll mark this question as answered, as Lars did a great job there.
--
OlivierRaginel - 13 Jul 2010