Tags:
create new tag
view all tags

Question

Hi,

I am maintaining an intranet wiki based on TWiki. We have a corporate Active Directory with LDAP interface, and I tried to use the LdapContrib plugin to help with this. Here are the settings I used (edited machine and proxy user details for security) - 

$TWiki::cfg{Ldap}{Host} = 'ldaphost.domain.com';
$TWiki::cfg{Ldap}{Port} = 389;
$TWiki::cfg{Ldap}{Version} = '3';
$TWiki::cfg{Ldap}{Base} = 'dc=domain,dc=com';
$TWiki::cfg{Ldap}{BindDN} = 'CN=proxyuser,DC=domain,DC=com';
$TWiki::cfg{Ldap}{BindPassword} = 'proxypassword';
$TWiki::cfg{Ldap}{SSL} = 0;
$TWiki::cfg{Ldap}{UseSASL} = 0;
$TWiki::cfg{Ldap}{SASLMechanism} = 'PLAIN CRAM-MD5 EXTERNAL ANONYMOUS';
$TWiki::cfg{Ldap}{Debug} = 1;
$TWiki::cfg{Ldap}{UserBase} = 'dc=domain,dc=com';
$TWiki::cfg{Ldap}{LoginFilter} = 'objectClass=user';
$TWiki::cfg{Ldap}{LoginAttribute} = 'sAMAccountName';
$TWiki::cfg{Ldap}{WikiNameAttribute} = 'cn';
$TWiki::cfg{Ldap}{NormalizeWikiNames} = 1;
$TWiki::cfg{Ldap}{NormalizeLoginName} = 0;
$TWiki::cfg{Ldap}{AllowChangePassword} = 0;
$TWiki::cfg{Ldap}{SecondaryPasswordManager} = 'TWiki::Users::HtPasswdUser';

I get the following errors in the log file - 

[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] updating cache
[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] called refreshCache
[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] called refreshUsersCache()
[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] called search(filter=objectClass=*, base=dc=domain,dc=com, scope=sub, limit=0, attrs=sAMAccountName,mail,cn)
[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] error in search: failed to connect to ldaphost.domain.com: IO::Socket::INET: connect: Permission denied
[Wed Jan 09 22:13:49 2008] [error] [client 10.192.254.47] error refeshing the user cashe: failed to connect to ldaphost.domain.com: IO::Socket::INET: connect: Permission denied

and also when logging in, I get the following errors - 

[Wed Jan 09 22:16:45 2008] [error] [client 10.192.10.44] called checkPassword(loginuser, passU), referer: http://wiki.domain.com/cgi-bin/login/TWiki/TeamsAndPeopleBar
[Wed Jan 09 22:16:45 2008] [error] [client 10.192.10.44] dn not found, referer: http://wiki.domain.com/cgi-bin/login/TWiki/TeamsAndPeopleBar

Please let me know if I have done anything wrong, or if I need to do something special to get over this error.

Thanks, Narendra

Environment

TWiki version: TWikiRelease04x00x01
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: Fedora 7, kernel 2.6.22.4-65.fc7
Web server: Apache 2.2.4-4.1
Perl version: 5.8.8
Client OS:  
Web Browser:  
Categories: Authentication

-- NarendraLoganathan - 10 Jan 2008

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

I figured out that this was not a TWiki problem. On FC7, I had to do "setenforce permissive" and then the errors went away.

-- NarendraLoganathan - 10 Jan 2008

Change status to:
WebForm
SupportStatus AnsweredQuestions
Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r2 - 2008-01-10 - NarendraLoganathan
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.