Forum OpenACS Q&A: Re: Help with auth-ldap ("no configured pools")

Enabling everything for LDAP authentication is ok, you can login through email or through username, anyway, depends on
what you put for Kernel param  UseEmailForLoginP, if 0, then it will ask for the username / auth-name.

Also its important what you set to match with username, usually uid (UsernameAttribute).
It will try to match the oacs username againts something, if its found, will return the record.

Collapse
7: Re: Help with auth-ldap (response to 6)
Posted by Michael Steigman on
Thanks, Rocael (Just getting back to this)

That's the param I was looking for. So I've got UseEmailForLoginP set to 0, my LDAP authority set up and the following options set for the authority:

Authentication - LDAP
Password management - LDAP
Account registration - Local
User Info - LDAP

In the "configure drivers" section of my LDAP authority, I've got:

UsernameAttribute - uid (tried just about everything though)
BaseDN - 'o=myorg'
InfoAttributeMap - 'first_names=givenName;last_name=sn;email=mail'
PasswordHash - SHA (tried MD5 as well)

No matter what, I get an "invalid username/password" error when I try to log in using the LDAP authority. I'm positive both the username and password are correct.

In the log, I'm seeing this, so I'm assuming AOLServer's talking to the LDAP server OK (I was also able to create a little test page that could pull user names from the directory):

[09/Aug/2004:16:41:36][8733.3052997552][-conn:upgrade-test::3] Debug: nsldap: getting a handle for thread -1241969744
[09/Aug/2004:16:41:36][8733.3052997552][-conn:upgrade-test::3] Debug: nsldap: connecting handle from pool ldap
[09/Aug/2004:16:41:36][8733.3052997552][-conn:upgrade-test::3] Debug: nsldap: entering handle nsldap0 to activeHandles
[09/Aug/2004:16:41:36][8733.3052997552][-conn:upgrade-test::3] Debug: nsldap: releasehandle nsldap0
[09/Aug/2004:16:41:36][8733.3052997552][-conn:upgrade-test::3] Debug: nsldap: returning handle to pool ldap for thread -1241969744

Any suggestions as to where to look at this point?

Thanks.