Tags:
create new tag
view all tags

Question

I recently configure my twiki to user LDAP authentication. I installed all the plugins that were needed. And now I get this error. I checked and all the files are where they are supposed to be. Do I have to do something else with perl? All these paths are in my LocalLib.cfg file.

Password Manager: Can't locate LdapUser.pm in @INC (@INC contains: /var/www/html/twiki/lib/CPAN/lib /var/www/html/twiki/lib//CPAN/lib//arch/ /var/www/html/twiki/lib//CPAN/lib//5.8.8/i386-linux-thread-multi/ /var/www/html/twiki/lib//CPAN/lib//5.8.8/ /var/www/html/twiki/lib//CPAN/lib// /var/www/html/twiki/lib/ . /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl/5.8.6 /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl/5.8.7 /usr/lib/perl5/vendor_perl/5.8.6 /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8) at (eval 12) line 2. BEGIN failed--compilation aborted at (eval 12) line 2.

Environment

TWiki version: TWikiRelease04x00x00
TWiki plugins: Net::LDAP(CPAN), perl-ldap-0.33
Server OS: FC 5
Web server: Apache
Perl version: 5.8.8
Client OS: FC5
Web Browser:  
Categories: Authentication

-- JamesDWilson - 24 Nov 2006

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

I have never used LDAP authentication however I have seen this type of error message before. It seems that TWiki cannot locate the file LdapUser.pm in any of the paths listed. I would verify

  • the file is in one of the specified paths
  • the paths are correct (maybe there is a minor typo in the path where that file is supposed to be?)
  • the file is readable by the user that the web server is running as

-- RickMach - 25 Nov 2006

1. The file is in one of the paths specified. 2. I have checked for typos in the LocalLib.cfg file should I look somewhere else? 3. The file like all my other files in twiki are readable by root:root.

-- JamesDWilson - 27 Nov 2006

What plugins did you install? I didn't have to install any to get it working. I set up the LDAP auth in apache, then in the twiki configuration, I set Login Manager to "none" and turned on MapUserToWikiName. All three boxes are checked under my Registration options as well. Works fine for me, though I still have to make sure that users go to the registration page first.

-- AndyHarrison - 09 Dec 2006

This is tricky if you don't know the organization of your LDAP directory. My suggestion is to first find out the organization of your LDAP directory. If you have administrative access to an ActiveDirectory server, you can check the organization directly. Otherwise, you can download a free utility to help you browse the ActiveDirectory server. I've found that the Softerra LDAP Browser is a pretty good tool to scan the ActiveDirectory server. Softerra LDAP Browser is a free tool and it can be downloaded from the following URL: http://www.ldapadministrator.com/download.htm.

The following instructions assume that you've hosted TWiki in an Apache:Linux/Unix environment and you are using Microsoft ActiveDirectory for LDAP authentication.

1. Install Softerra LDAP Browser and login to the ActiveDirectory server with your user permissions. Now check the Base DN and Bind DN. The Base DN is the root of the LDAP directory and it will be of the form dc=your_Company,dc=com. The Bind DN is the distinguished name of a user with search permissions on the directory. To find the Bind DN, go to the "Users" organization unit (OU) and find your name in the list. Check the properties of your DN, it will be of the form: CN=Your_Name,OU=Users,DC=your_company,DC=com'. You now have the Base and BindDN information.

2. Load the LDAP modules in your Apache configuration file (httpd.conf) by uncommenting the following lines: 

LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

3. Open the Apache configuration file (httpd.conf or twiki.conf) for editing and add the LDAP configuration information in this file. To enable LDAP authentication, you will have to specify the following data alongwith the Base DN and Bind DN information:

  • LDAP Bind Password: Password to login to the LDAP server. This will be the same password that you used with Softerra LDAP Browser.
  • LDAP query URL: URL to query the LDAP server. Note: You will have to specify the port for querying the LDAP server. If your users are split across organization units, you will have to use port 3268. otherwise use port 389.

The following configuration information is from my Apache configuration file (twiki.conf). Copy the information given here to your Apache configuration file and replace with your hostname and login information: 

<Directory "/var/www/twiki/bin">
    AuthBasicProvider ldap

    # LDAP Authentication & Authorization is final; do not check other databases
    AuthzLDAPAuthoritative off

#  Do basic password authentication in the clear
   AuthType Basic
#  The name of the protected area or "realm"
   AuthName "TWiki"
#  Active Directory requires an authenticating DN to access records
   AuthLDAPBindDN "CN=my_name,OU=Users,DC=my_company,DC=com"
#  This is the password for the AuthLDAPBindDN user in Active Directory
   AuthLDAPBindPassword my_password
#  The LDAP query URL
   AuthLDAPURL ldap://my_ldaphost:3268/DC=my_company,DC=com?sAMAccountName?sub?(objectClass=user)
   AuthLDAPGroupAttribute department
   AuthLDAPGroupAttributeIsDN off
   require valid-user
</Directory>

4. Open LocalSite.cfg and make the following changes to the PasswordManager and LoginManager fields: 

$TWiki::cfg{PasswordManager} = 'TWiki::Users::LdapUser';
$TWiki::cfg{LoginManager} = 'none';

5. Restart Apache by running the command: 

service httpd restart
Your LDAP authentication should be working now.

-- AlokNarula - 13 Dec 2006

Im on CentOs 6.4 using the Twiki VM for VMware in Virtual Box instead.

For me, it was merely installing the missing perl library

'yum install perl-LDAP' solved the above error for me.

-- Ian Walker - 2015-08-14

Change status to:
WebForm
SupportStatus AnsweredQuestions
Edit | Attach | Watch | Print version | History: r8 < r7 < r6 < r5 < r4 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r8 - 2015-08-14 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.