SID-01913: LDAPS Authentication
| Status: | Unanswered | TWiki version: | 5.0.1 | Perl version: | 5.10.1 |
| Category: | LdapContrib | Server OS: | RedHat Linux 6.1 | Last update: | 10 years ago |
I am trying to configure LDAPS using the LdapContrib plugin. Our AD naming convention is firstname.lastname, and if I type in a valid AD username with a dot, TWiki doesn't attempt to connect to AD. If I type in a valid AD username without a dot or if I type in a valid TWiki name w/o a dot, it attempts to authenticate to AD, but throws an exception stating "Can't call method "can" on an undefined value at /usr/local/share/perl5/Net/LDAP.pm line 428".
Settings:
Host: IP address of the DC
Port: 636
Version: 3
Base: the base DN
BindDN: CN=bindaccount,OU=group2,OU=group1,the base DN
BindPassword: password for bindaccount
UseSASL=1
SASL Mechanism: GSSAPI GSS-SPNEGO EXTERNAL DIGEST-MD5
GSSAPIuser: CN=bindaccount,OU=group2,OU=group1,the base DN
UseTLS=1
TLSSSLVersion: sslv2/3
TLSVerify: optional
TLSCAPath: path to certs
TLSCAFile: name of file
TLSClientCert: SSL cer file
TLSClientKey: SSL key file
Debug=1
UserBase: OU=Users,the base DN
LoginFilter: objectClass=User
UserScope: sub
LoginAttribute: sAMAccountName
MailAttribute: mail
WikiNameAttributes: sAMAccountName
NormalizeWikiNames=1
NormalizeLoginNames=1
Pretty much everything else is blank or default.

Thanks

-- Adam Gold - 2014-04-24
Discussion and Answer
Closing this question after more than 30 days of inactivity. Feel free to reopen if needed. Consider engaging one of the TWiki consultants if you need timely help. We invite you to get involved with the community; it is more likely you get community support if you support the open source project!

-- Peter Thoeny - 2015-12-03