Topic: Dokuwiki LDAP authentication on a Zentyal 5.1 server

sk9

Dokuwiki LDAP authentication on a Zentyal 5.1 server
« on: December 04, 2018, 10:48:38 pm »
Hello everyone,
I'm trying to connect Dokuwiki, which "runs" on my Zentyal 5.1 server, to Zentyal's LDAP. Unfortunately, there is almost no documentation available concerning LDAP in newer Zentyal versions. This made me play around a lot. Even after reading lots of forum topics about LDAP, I still didn't succeed. In particular, Zentyal displays a base, a user and a group DN, but no password I should use (as in earlier versions). Also, I'm wondering about the user and group filters.

This is what the LDAP section of my Dokuwiki local.php looks like:

Code:
$conf['authtype'] = 'authldap';
$conf['superuser'] = '@admin';
$conf['disableactions'] = 'register';
$conf['plugin']['authldap']['server'] = 'ldap://127.0.0.1';
$conf['plugin']['authldap']['port'] = 389;
$conf['plugin']['authldap']['usertree'] = ' CN=Users,DC=domainname,DC=net ';
$conf['plugin']['authldap']['grouptree'] = ' CN=Users,DC=domainname,DC=net ';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))\'';
$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['binddn'] = 'CN=Administrator,DC=domainname,DC=net';
$conf['plugin']['authldap']['bindpw'] = 'randomstuff';
$conf['plugin']['authldap']['modPass'] = 0;
$conf['auth']['ldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))';

Does anybody have ideas? Dokuwiki displays "Couldn't connect to LDAP server" as error message when trying to log in using LDAP.

half_life

Re: Dokuwiki LDAP authentication on a Zentyal 5.1 server
« Reply #1 on: December 23, 2018, 05:17:00 am »
First and foremost, don't use an admin-level user to query LDAP. All you need is a non-privileged user to do read-only queries. Use that user's DN and their password to connect to LDAP.


I suggest using an LDAP query tool to troubleshoot, such as Apache Studio (http://directory.apache.org/studio/downloads.html). It has been a while, but you might need to adjust the LDAP filters for your needs.
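
An added example, not part of the original thread: a small Python check that reads the `authldap` settings from a Dokuwiki `local.php` and flags an administrative bind DN (the point made in the reply above), DNs with stray whitespace, and filters that are not one balanced expression. The sample input is constructed from the configuration posted above with the password replaced by a placeholder; the admin-name match is a heuristic assumption.

```python
import re

# Constructed sample: authldap lines as posted in the thread, password replaced.
SAMPLE = r"""
$conf['plugin']['authldap']['server'] = 'ldap://127.0.0.1';
$conf['plugin']['authldap']['usertree'] = ' CN=Users,DC=domainname,DC=net ';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))\'';
$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
$conf['plugin']['authldap']['binddn'] = 'CN=Administrator,DC=domainname,DC=net';
$conf['plugin']['authldap']['bindpw'] = 'PLACEHOLDER';
"""

ASSIGN = re.compile(r"\$conf\['plugin'\]\['authldap'\]\['(\w+)'\]\s*=\s*'((?:[^'\\]|\\.)*)'\s*;")

def parse(text):
    """Return {setting: value} for single-quoted authldap string settings."""
    # PHP single-quoted strings only unescape \' and \\
    return {k: re.sub(r"\\(['\\])", r"\1", v) for k, v in ASSIGN.findall(text)}

def filter_ok(f):
    """True if f is one fully parenthesised filter with nothing around it."""
    depth = 0
    for i, ch in enumerate(f):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0 or (depth == 0 and i != len(f) - 1):
                return False
    return depth == 0 and f.startswith("(")

def lint(text):
    conf, findings = parse(text), []
    for key in ("usertree", "grouptree", "binddn"):
        if key in conf and conf[key] != conf[key].strip():
            findings.append(f"{key}: leading/trailing whitespace in DN")
    for key in ("userfilter", "groupfilter"):
        if key in conf and not filter_ok(conf[key]):
            findings.append(f"{key}: not a single balanced LDAP filter")
    if "%{user}" not in conf.get("userfilter", ""):
        findings.append("userfilter: missing %{user} placeholder")
    # Heuristic (assumption): an RDN naming an admin account means a privileged bind.
    if re.match(r"(?i)\s*(cn|uid)=(administrator|admin|root)\b", conf.get("binddn", "")):
        findings.append("binddn: looks like an administrative account")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```
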