create new tag
, view all tags


I have installed 4.2. Everything is working as expected (with little tweaking ...) except the ldap integration. Authentication works fine with LDAP but only issue is the case. If I login as phani.yenugu or Phani.Yenugu the wikiname should be PhaniYenugu right ? But the wikiname is phaniyenugu when I login as phani.yenugu. I did check other posts/bugs/chats but I did not find a solution to fix this issue. WikiName format is what is causing issues to me. As long as either lowercase or uppercase works, I have no problem. But WikiName format is what is causing the permission issues to the topics.

I wan to put this in production as soon as possible. Hundreds of users are eagerly waiting to starting using TWiki. I would appreciate if anyone could give me a fix. I dont know at this point what I am going to do after spending so much time and energy setting my wiki site up. Please help !!!!!

I am using aix 5.3, apache 2.6, twiki 4.2 with Microsoft AD for LDAP.

LDAP related config :

$TWiki::cfg{LoginManager} = 'TWiki::LoginManager::TemplateLogin';

$TWiki::cfg{UserMappingManager} = 'TWiki::Users::LdapUserMapping';

$TWiki::cfg{Register}{EnableNewUserRegistration} = 0;

$TWiki::cfg{Register}{HidePasswd} = 1;

$TWiki::cfg{PasswordManager} = 'TWiki::Users::LdapUser';

$TWiki::cfg{Ldap}{Host} = 'xxxx';

$TWiki::cfg{Ldap}{Port} = 389;

$TWiki::cfg{Ldap}{Version} = '3';

$TWiki::cfg{Ldap}{Base} = 'dc=na,dc=mycompany,dc=com';

$TWiki::cfg{Ldap}{BindDN} = 'cn=slc.wikildap,ou=serviceaccounts,ou=users,ou=group,dc=na,dc=company,dc=com';

$TWiki::cfg{Ldap}{BindPassword} = 'secret'; $TWiki::cfg{Ldap}{UseSASL} = 0;


$TWiki::cfg{Ldap}{Debug} = 1;

$TWiki::cfg{Ldap}{UserBase} = 'dc=na,dc=saralee,dc=com';

$TWiki::cfg{Ldap}{LoginFilter} = 'objectClass=user';

$TWiki::cfg{Ldap}{LoginAttribute} = 'sAMAccountname';

$TWiki::cfg{Ldap}{WikiNameAttribute} = 'givenName, sn';

$TWiki::cfg{Ldap}{NormalizeWikiNames} = 1;

$TWiki::cfg{Ldap}{NormalizeLoginName} = 1;

$TWiki::cfg{Ldap}{AllowChangePassword} = 0;

$TWiki::cfg{Ldap}{SecondaryPasswordManager} = 'none';

$TWiki::cfg{Ldap}{GroupBase} = 'ou=group,dc=my,dc=domain,dc=com';

$TWiki::cfg{Ldap}{GroupFilter} = 'objectClass=group';

$TWiki::cfg{Ldap}{GroupAttribute} = 'sAMAccountname';

$TWiki::cfg{Ldap}{MemberAttribute} = 'memberUid';

$TWiki::cfg{Ldap}{MemberIndirection} = 0;

$TWiki::cfg{Ldap}{TWikiGroupsBackoff} = 1;

$TWiki::cfg{Ldap}{NormalizeGroupName} = 0;

$TWiki::cfg{Ldap}{MapGroups} = 0;

$TWiki::cfg{Ldap}{MaxCacheAge} = 86400;

$TWiki::cfg{Ldap}{PageSize} = 500;

$TWiki::cfg{Ldap}{Exclude} = 'TWikiGuest, TWikiContributor, TWikiRegistrationAgent, TWikiAdminGroup, NobodyGroup ';

$TWiki::cfg{Plugins}{LdapNgPlugin}{Enabled} = 1;

$TWiki::cfg{Plugins}{NewUserPlugin}{Enabled} = 1;


TWiki version: TWikiRelease04x02x00
TWiki plugins: CommentPlugin;LdaNgPlugin;NewUserPlugin;EditTablePlugin;InterwikiPlugin;PreferencesPlugin;SlideShowPlugin;SmiliesPlugin;SpreadSheetPlugin;TablePlugin;TwistyPlugin;EmptyPlugin;RenderListPlugin;BreadCrumbsPlugin;FilterPlugin;FlexWebListPlugin;GluePlugin;IfDefinedPlugin;NatSkinPlugin;RedDotPlugin;JQueryPlugin;GoogleAjaxSearchPlugin;
Server OS: AIX 5.3
Web server: Apache 2.6
Perl version: 5.8.2
Client OS: MS Windows XP
Web Browser: IE 6.0
Categories: Add-Ons

-- PhaniYenugu - 28 May 2008


ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

Anyone ? Please help !!!

-- PhaniYenugu - 29 May 2008

What are your component versions? (LdapNgPlugin requires LdapContrib). The latest versions appear to be:

That contrib version "fixed normalization error", which might be the cause of your problem.

-- SeanCMorgan - 29 May 2008

Thanks Sean. I just installed the new LdapContrib and I still see my WikiName on the top. If I login as phani.yenugu and Phani.Yenugu I still see 2 topics being created in Main Web. Also I dont see the TWikiUsers topic is not being populated ? Any clue there ?

-- PhaniYenugu - 29 May 2008

As I read the code, your setting of {Ldap}{NormalizeWikiNames} = 1; is supposed to convert your two login cases into a WikiName.

Maybe in addition to this support request, you should report it at Bugs:LdapNgPlugin or Bugs:LdapContrib.

On the second part, please check that the TWikiRegistrationAgent user has change access to the TWikiUsers topic.

-- SeanCMorgan - 29 May 2008

Thanks Sean. I changed $TWiki::cfg{Ldap}{WikiNameAttribute} value from 'givenName, sn' to 'cn' and did not help either. I will check access of TWikiUsers topic permissions.

-- PhaniYenugu - 29 May 2008

What the actual value of 'cn' for your account? On my system, it's "Morgan, Sean", which isn't what you want. Actually, if you don't mind, can you double-check what your account has for each of these:

  • cn =
  • givenName =
  • sAMAccountname =
  • sn =

-- SeanCMorgan - 29 May 2008

One more thing: take a look WikiNameBackwardsAndInCaps, especially the code changes at the end. He captured some additional information in debug, and then tweaked the generated names himself.

-- SeanCMorgan - 29 May 2008

From Apache log : adding wikiName='PhaniYenugu', loginName='phani.yenugu', dn=CN=phani.yenugu,OU=Users,OU=City,OU=Corporate,DC=na,DC=company,DC=com.

How can I check the rest of the values ? I checked TWikiUsers topic and TWikiGuest and TWikiRegistration has access to changethetopic.

-- PhaniYenugu - 29 May 2008

I checked the link earlier. But I thought the current Version of LdapContrib would fix the issue.

-- PhaniYenugu - 29 May 2008

When I run %LDAPUSERS{}%, I get only PhaniYenugu and not phaniyenugu even though I am able to log on as phani.yenugu and Phani.Yenugu. I am confused.

-- PhaniYenugu - 29 May 2008

Sean.. Looks like I accidentally locked myself out in the other Groups issue that I had. Check out to see if you can access it.

-- PhaniYenugu - 29 May 2008

I sent a note to Peter Theony to fix the access issue on the TWikiGroupsIssue.

-- PhaniYenugu - 29 May 2008

My login id is also the same format (alex.wong) and I am having the exact issue.

-- AlexWong - 29 May 2008

There is a similar issue here: LdapLoginNameNotAWikiName . Based on that information, I made an ugly hack to fix this.

Add the following to the getWikiNameOfLogin function located in the file LdapContrib.pm

$loginName =~ s/\_46/\./g;

Add this between

$loginName = lc($loginName);

and this

return TWiki::Sandbox::untaintUnchecked($this->{data}{"U2W::$loginName"});

The number 46 is the ASCII code for a period. It gets converted somewhere.

Hope this helps.

-- AlexWong - 30 May 2008

Wow. That was excellent. It seems like fixed it. I will now check to see if my TWikiGroupsIssue is resolved.

-- PhaniYenugu - 30 May 2008

Nope. It did not fix it. I still have issues with it. Alex, can you take a look at TWikiGroupsIssue and let me know if you have any ideas ?

-- PhaniYenugu - 30 May 2008

Since this is resolved for me. I am going change to AnsweredQuestions.

-- PhaniYenugu - 30 May 2008

Change status to:
Edit | Attach | Watch | Print version | History: r12 < r11 < r10 < r9 < r8 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r12 - 2008-05-30 - PhaniYenugu
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2018 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.