[dokuwiki] Re: LDAP: can not bind anonymously

  • From: Werner Flamme <werner.flamme@xxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Wed, 15 Mar 2006 13:27:38 +0100

Hamish wrote on 15.03.2006 12:41:
> Hello all
> 
> I have just tried to upgrade dokuwiki from 2005-09-22e to 2006-03-09, it 
> seemed to work fine, all the content is ok, and the sidebar template seems to 
> be working (some minor weirdness with table of contents). The problem is with 
> LDAP:
> 
> When I try to log in with ldap, at the top of the dokuwiki gui I get:
> LDAP: can not bind anonymously
> Sorry, username or password was wrong.
> 
> I am guessing that the username and password were not even checked.
> When I add a bind dn to local.php, it no longer complains about anonymous 
> bind, but still has errors with user/pass incorrect.
> 
> In the openldap log (logging -1), I get what seems to be a TLS error (TLS 
> accept error error=-1 id=120, closing). In context:
> daemon: activity on 1 descriptors
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: new connection on 21
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: conn=120 fd=21 ACCEPT from IP=ip.of.dokuwiki.server:33234 (IP=0.0.0.0:636)
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: added 21r
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: activity on:
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]:
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: select: listen=6 active_threads=1 tvp=zero
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: select: listen=7 active_threads=1 tvp=zero
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: select: listen=8 active_threads=1 tvp=zero
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: select: listen=9 active_threads=1 tvp=zero
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: activity on 1 descriptors
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: activity on:
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]:  21r
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]:
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: read activity on 21
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_get(21)
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_get(21): got connid=120
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_read(21): checking for input on id=120
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_read(21): TLS accept error error=-1 id=120, closing
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_closing: readying conn=120 sd=21 for close
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_close: conn=120 sd=21
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: daemon: removing 21
> Mar 15 11:02:47 myldapserver <debug> slapd[26039]: conn=120 fd=21 closed
> 
> I have the installations running side by side, and the 2005-09-22e works 
> fine. 
> Apparently there have been big changes to the auth backend. Should I modify 
> my local.php? My local.php ldap section is as follows (cleaned):
> 
> $conf['auth']['ldap']['server']      = 'myldapserver';
> $conf['auth']['ldap']['usertree']    = 'dc=mydomain, dc=com';
> $conf['auth']['ldap']['grouptree']   = 'dc=mydomain, dc=com';
> $conf['auth']['ldap']['userfilter']  = '(&(uid=%{user}))';
> $conf['auth']['ldap']['groupfilter'] = '(&(objectClass=kolabGroupOfNames)(member=%{dn}))';
> #$conf['auth']['ldap']['groupfilter'] = '(&(member=%{dn}))';
> #$conf['auth']['ldap']['mapping'] = array();
> #$conf['auth']['ldap']['binddn']   = 'cn=nobody,cn=internal,dc=mydomain,dc=com';
> #$conf['auth']['ldap']['bindpw']   = '{removed}';
> $conf['auth']['ldap']['referrals']   = 0;
> $conf['auth']['ldap']['version']     = 3;
> 
> I have commented out the bind dn, as this did not seem to make a difference, 
> and the $conf['auth']['ldap']['mapping'] = array(); was a fix from a previous 
> upgrade.
> 
> Any ideas?
> Thanks,
> H
H,

I had this problem on Monday when I did the upgrade. I solved it by
entering 'ldap://ldaphost.domain.tld:389' as LDAP-Hostname.

HTH,
Werner

-- 
Werner Flamme, Abt. WKDV
UFZ Umweltforschungszentrum Leipzig-Halle GmbH,
Permoserstr. 15 - 04318 Leipzig
Tel.: (0341) 235-3921 - Fax (0341) 235-453921
http://www.ufz.de - eMail: werner.flamme@xxxxxx




-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
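
An added example, not part of the original thread and not DokuWiki or OpenLDAP code: a small Python triage script that pairs each `TLS accept error` in a slapd debug log with the ACCEPT line of the same connection id, which makes visible that conn=120 arrived on the listener at port 636. The conn=121 lines and the function name `tls_accept_failures` are constructed for illustration.

```python
import re

# Sample slapd debug lines: conn=120 is taken from the log quoted above (with the
# mail client's line wrapping undone); conn=121 is constructed for contrast.
SAMPLE_LOG = """\
Mar 15 11:02:47 myldapserver <debug> slapd[26039]: conn=120 fd=21 ACCEPT from IP=ip.of.dokuwiki.server:33234 (IP=0.0.0.0:636)
Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_read(21): checking for input on id=120
Mar 15 11:02:47 myldapserver <debug> slapd[26039]: connection_read(21): TLS accept error error=-1 id=120, closing
Mar 15 11:02:47 myldapserver <debug> slapd[26039]: conn=120 fd=21 closed
Mar 15 11:03:02 myldapserver <debug> slapd[26039]: conn=121 fd=22 ACCEPT from IP=ip.of.dokuwiki.server:33240 (IP=0.0.0.0:389)
Mar 15 11:03:02 myldapserver <debug> slapd[26039]: conn=121 fd=22 closed
"""

ACCEPT_RE = re.compile(
    r"conn=(?P<conn>\d+) fd=\d+ ACCEPT from IP=(?P<client>\S+):(?P<cport>\d+) "
    r"\(IP=(?P<laddr>[^:)]+):(?P<lport>\d+)\)")
TLS_ERR_RE = re.compile(r"TLS accept error error=(?P<err>-?\d+) id=(?P<conn>\d+)")


def tls_accept_failures(log_text):
    """Return one record per connection that ended in 'TLS accept error'.

    Each record ties the failure back to the ACCEPT line for the same
    connection id, so the listener port the client connected to is visible.
    """
    accepted = {}   # conn id -> (client address, listener port)
    failures = []
    for line in log_text.splitlines():
        m = ACCEPT_RE.search(line)
        if m:
            accepted[m["conn"]] = (m["client"], int(m["lport"]))
            continue
        m = TLS_ERR_RE.search(line)
        if m:
            # The ACCEPT line may be missing if the log excerpt starts late.
            client, lport = accepted.get(m["conn"], (None, None))
            failures.append({"conn": int(m["conn"]), "client": client,
                             "listener_port": lport, "error": int(m["err"])})
    return failures


if __name__ == "__main__":
    for f in tls_accept_failures(SAMPLE_LOG):
        print("conn={conn} client={client} listener_port={listener_port} "
              "tls_error={error}".format(**f))
```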
