bump
Here is where I stand...
If CN=Users (along with the two other DC=) is in the base DN it won't work. If anything but CN is in uid it won't work (ex: CN=Users won't work).
Now, the weird thing is, if my php account is admin it will take the ldap settings. But when I log out, I can no longer log in to phpbb using my admin account or my windows credentials. I then need to re-install phpbb.
The weird thing is if I name my phpbb account the same name as my windows name then try to apply the ldap settings that usually work (but screw up phpbb to the point I need to re-install) I get an error... weird.
NOTE: My username/password to bind this is my own, would that be a problem?
edit: If this cannot be fixed, my last ditch attempt might be to recode php to attempt to bind a username/password. If it succeeds, then I know it's a valid UN/PW, if it fails, then I know it's not valid. But I know that would require lots of coding.
edit2: Well looks like we are able to log in using the admin of the domain. hmmm
edit3: Ok, solved... I'll post what I did tomorrow cause I am sure someone else in the future will have the same problems with this ldap thing.

Here is how I solved this:
1# When I was getting "LDAP NO LDAP EXTENSION" it was a php problem. I ended up re-installing php (this time using zip instead of msi) while following instructions and it worked.
2# My info
LDAP server name: 10.10.x.x
LDAP server port: 389
LDAP base dn: CN=Users,DC=xxxxxxx,DC=org
LDAP uid: sAMAccountName
LDAP user dn: somelogincredentials@xxxxxxx.org
LDAP password: the_password
3# Then changed my PHP admin account to administrator (admin or my domain username fails)
4# Saved it (without logging out) then logged in with another user account on another browser (so it would be created in the DB). Went back to original browser and made that new domain account site founder (aka full admin). NOTE: This needed to be done, or else my original administrator account would not work because it was trying to authenticate using ldap. The moment I sign out of administrator I cannot sign back into it.
5# Added "mail" to "LDAP e-mail attribute:". If I add this without any domain users created it failed.
note:
[*]port was optional.
[*]Like I said, having the mail attribute caused me issues (would give me some error) until I had a real domain user in the DB. So don’t add mail till later.
[*]My uid was sAMAccountName but it can potentially be different on yours.
[*]Any login credentials work, but apparently you need them or else it won't bind.
[*]Also at one point I was able to take aberrant settings to save correctly but no domain credentials were being accepted EXCEPT the domain administrator account. Not sure what to make of that.
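
The "bind a username/password and see if it succeeds" idea from the first edit, written out as an added PHP example; it is not part of the original post and not phpBB's own code. The function name `ad_check_login` is hypothetical, the host and base DN are the elided placeholders from the settings above, and it assumes the server supports StartTLS. It rejects empty passwords because some directory servers accept a simple bind with an empty password as an unauthenticated bind.

```php
<?php
// Added example, not phpBB's code. Host and base DN are the placeholders
// from the post; replace them with real values before running.
const LDAP_HOST = 'ldap://10.10.x.x:389';
const LDAP_BASE = 'CN=Users,DC=xxxxxxx,DC=org';
const LDAP_UID  = 'sAMAccountName';

// $bindDn / $bindPw are the "LDAP user dn" and "LDAP password" settings.
function ad_check_login(string $user, string $pass, string $bindDn, string $bindPw): bool
{
    // An empty password turns a simple bind into an unauthenticated bind,
    // which some servers report as success. Never count that as a login.
    if ($user === '' || $pass === '') {
        return false;
    }
    $ds = ldap_connect(LDAP_HOST);
    if ($ds === false) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    try {
        // Port 389 is cleartext: upgrade to TLS before any password is sent.
        if (!@ldap_start_tls($ds)) {
            return false;
        }
        // Step 1: bind with the lookup account so the directory can be searched.
        if (!@ldap_bind($ds, $bindDn, $bindPw)) {
            return false;
        }
        // Step 2: find the user's DN. Escape the input so characters such as
        // "*", "(" or ")" cannot change the meaning of the search filter.
        $filter = '(' . LDAP_UID . '=' . ldap_escape($user, '', LDAP_ESCAPE_FILTER) . ')';
        $res = @ldap_search($ds, LDAP_BASE, $filter, [LDAP_UID]);
        $entries = $res ? ldap_get_entries($ds, $res) : false;
        if (!$entries || $entries['count'] !== 1) {
            return false; // not found, or more than one match
        }
        // Step 3: re-bind as the found DN with the password the user typed.
        return @ldap_bind($ds, $entries[0]['dn'], $pass);
    } finally {
        ldap_unbind($ds); // always close the connection
    }
}
```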