hi, I'm working with the latest stable release of dokuwiki and i am having troubles with LDAP. User authentication througth LDAP works fine but ACL group permissions doesn't work. My local.php configuration is the next: $conf['useacl'] = 1; $conf['superuser'] = '@i2tadmins'; $conf['openregister']= 0; $conf['authtype'] = 'ldap'; $conf['auth']['ldap']['server'] = 'ldap://127.0.0.1:389'; $conf['auth']['ldap']['binddn'] = 'cn=unix,ou=admins,dc=i2t,dc=xxx,dc=yy'; $conf['auth']['ldap']['binddn'] = 'cn=unix,ou=admins,dc=i2t,dc=xxx,dc=yy'; $conf['auth']['ldap']['bindpw'] = 'unixI2Topenldap'; $conf['auth']['ldap']['usertree'] = 'ou=users,dc=i2t,dc=xxx,dc=yy'; $conf['auth']['ldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))'; $conf['auth']['ldap']['grouptree'] = 'ou=groups,dc=i2t,dc=xxx,dc=yy'; $conf['auth']['ldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{uid})))'; $conf['auth']['ldap']['version'] = 3; $conf['auth']['ldap']['debug'] = true; And my acl.auth.php file : admin:* @i2t 1 admin:* @i2tadmins 16 wiki:* @i2t 1 wiki:* @i2tadmins 1 * @ALL 0 * @i2t 16 * @i2tadmins 16 When i realize a ldap search for groups with that settings, ldapserarch tool works fine: $ ldapsearch -x -LLL -D "cn=unix,ou=admins,dc=i2t,dc=xxx,dc=yy" -W -b "ou=groups,dc=i2t,dc=xxx,dc=yy" '(&(objectClass=posixGroup)(|(gidNumber=10002)(memberUID=pizac)))' dn: cn=i2t,ou=groups,dc=i2t,dc=xxx,dc=yy objectClass: sambaGroupMapping objectClass: posixGroup displayName: I2T Member sambaGroupType: 2 sambaSID: S-1-5-21-1773954950-4189186184-4069137831-21003 gidNumber: 10001 cn: i2t memberUid: pizac dn: cn=i2tadmins,ou=groups,dc=i2t,dc=xxx,dc=yy objectClass: sambaGroupMapping objectClass: posixGroup displayName: I2T Administrators sambaGroupType: 2 sambaSID: S-1-5-21-1773954950-4189186184-4069137831-21005 description: I2T Administrators gidNumber: 10002 cn: i2tadmins As it can be seen, i am in two groups, one of which have asigned all privileges in the acl.auth.conf (i2tadmins) and the other one at list read permisions. Since the ldapsearch command is sucessfull i understand the groupfilter is ok. But when i logon in Dokuwiki i cann't even read the start page, it seems that i am in ALL group. Any suggestions? Thanks, -- Christian Pinedo Zamalloa -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist