From: Khalid J H. <kj...@po...> - 2005-07-08 07:48:52
|
Hello, I am trying to get TikiWiki 1.85 to authenticate against Active Directory (AD) but am getting the infamous 'blank login page' result. I've scoured the mailing lists, but didn't find a working solution. Here's what I've attempted: I patched my installation using the patch and guidelines in this posting (for non-anonymous binding to AD): http://tikiwiki.org/tiki-view_forum_thread.php?comments_parentId=14062&forumId=6 I've followed directions and tips in the following article: http://doc.tikiwiki.org/tiki-index.php?page=Login+Config (LDAP Auth) http://tikiwiki.org/tiki-view_faq.php?faqId=10 My Basic Architecture: Active Directory running on a Windows 2000 server. Apache 2.x/PHP 4.2.2/MySQL 3.23.58/TikiWiki 1.85 running on a RedHat Linux server. From the Linux box, I can run the following queries successfully using ldapsearch, so binding to AD isn't a problem : # ldapsearch -v -u -x -D ser...@my... -W -h ad.mywin2kdomain.com -p 389 -b dc=mywin2kdomain,dc=com -s sub "(sn=smith)" # ldapsearch -v -u -x -D cn=administrator,cn=Users,dc=mywin2kdomain,dc=com -W -h ad.mywin2kdomain.com -p 389 -b dc=mywin2kdomain,dc=com -s sub "(sn=smith)" (I created the services account in AD specifically for binding to AD.) I've also run a sniffer (tcpdump) to see the ldap traffic between the Linux box and the AD box. The ldapsearch tests show up in the sniffer results as expected. Now here's where it gets interesting. No matter what settings I place in the Login admin config page (http://wiki.mydomain.com/tiki-admin.php?page=login), when I attempt to login to TikiWiki using an AD user, not only do I get the blank page for http://wiki.mydomain.com/tiki-login.php, but I don't see *any* traffic passing between the Linux and AD boxes. So it appears to me that something is failing in the PHP code before it even sends off an LDAP query to the AD server. Can any Tiki developers point me to where I can pull up some debug logs of what's going on with the PHP code (prob in LDAP.php) or perhaps a suggestion as to why this may be? Also, can anyone tell me exactly what the options "LDAP Member Attribute" and "LDAP Member Is DN" are used for in the Login admin config page? Any help would be appreciated! _KJH http://gizmosforgeeks.com |