<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-ZA link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='color:#1F497D'>How does your baseDN look like? Are you only allowing users authenticate that are in a specific OU or are you allowing users domain wide?<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> zendto-bounces@zend.to [mailto:zendto-bounces@zend.to] <b>On Behalf Of </b>Joshua F. Withrow<br><b>Sent:</b> 02 February 2011 04:59 PM<br><b>To:</b> 'ZendTo Users'<br><b>Subject:</b> [ZendTo] Re: AD Authentication Won't Work<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Sweet </span><span lang=EN-US style='font-family:Wingdings;color:#1F497D'>J</span><span lang=EN-US style='color:#1F497D'> I am now connecting, and it lets me know at the bottom of the screen that I have authenticated (it’s pulling info from AD, like my full username). But it leaves me at the login screen and displays:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><div align=center><table class=MsoNormalTable border=1 cellpadding=0 width="50%" style='width:50.0%;border-top:solid #000040 1.5pt;border-left:none;border-bottom:solid #000040 1.5pt;border-right:none'><tr><td rowspan=2 style='border:none;border-bottom:solid #000040 1.5pt;padding:.75pt .75pt .75pt .75pt'><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#000040'><img width=48 height=42 id="Picture_x0020_2" src="cid:image001.png@01CBC2FF.40EC5430" alt="Description: [error]"><o:p></o:p></span></p></td><td style='border:none;padding:.75pt .75pt .75pt .75pt'><p class=MsoNormal><b><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#000040'>Authentication Error<o:p></o:p></span></b></p></td></tr><tr><td style='border:none;padding:.75pt .75pt .75pt .75pt'><p class=MsoNormal style='text-align:justify'><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:#000040'>The username or password was incorrect.<o:p></o:p></span></p></td></tr></table></div><div><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Even though it tells me: </span><b><span lang=EN-US style='font-size:7.5pt;font-family:"Arial","sans-serif";color:#000040'>Version 3.63 | Copyright © 2010 | you are currently logged in as <i>Joshua F. Withrow</i></span></b><span lang=EN-US style='color:#1F497D'> <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Any ideas appreciated </span><span lang=EN-US style='font-family:Wingdings;color:#1F497D'>J</span><span lang=EN-US style='color:#1F497D'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p></div><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> zendto-bounces@zend.to [mailto:zendto-bounces@zend.to] <b>On Behalf Of </b>JC Putter<br><b>Sent:</b> Tuesday, February 01, 2011 4:13 PM<br><b>To:</b> 'ZendTo Users'<br><b>Subject:</b> [ZendTo] Re: AD Authentication Won't Work<o:p></o:p></span></p></div></div><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>'authenticator' => 'AD',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPAdmins' => array('test'),<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPBaseDN1' => 'DC=ad,DC=contoso,DC=com',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPServers1' => array('ad1.contoso.com'),<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPAccountSuffix1' => '@contoso.com',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPUseSSL1' => false,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPBindUser1' => 'CN=Administrator,CN=Users,DC=contoso,DC=com',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPBindPass1' => 'password,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> 'authLDAPOrganization1' => 'Moore Stephens',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPBaseDN2' => 'DC=soton,DC=ac,DC=uk',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPServers2' => array(),<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPAccountSuffix2' => '@soton.ac.uk',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPUseSSL2' => false,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPBindUser2' => '',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPBindPass2' => '',<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> //'authLDAPOrganization2' => 'University of Southampton',</span><span style='color:#1F497D'><o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>This is a sample of my working config…..<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>As Jules pointed out use ldapsearch to workout and troubleshoot using connection to AD<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>If you only have one domain, uncomment the rest and remove everything in the array in authLDAPServer2<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></p><div class=MsoNormal align=center style='text-align:center'><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'><hr size=2 width="100%" align=center></span></div><p class=MsoNormal><span lang=EN-US style='font-size:7.5pt;font-family:"Arial","sans-serif";color:gray'>This message is the property of Machining Technologies, Inc (MaTech) and the Information contained herein may be/is subject to the Code of Federal Regulations Chapter 22 International Traffic in Arms Regulations (ITAR). This data may not be resold, diverted, transferred, transshipped, made available to a foreign national within the United States, or otherwise disposed of in any other country outside of its intended destination, either in original form or after being incorporated through an intermediate process into other data without the prior written approval of the US Department of State. The information in this e-mail and subsequent attachments may contain legally privileged, proprietary and/or confidential information that is intended only for the use of the addressee(s).<br>No addressee should forward, print, copy or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as the recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, retention or use of the contents of this e-mail information is prohibited. If you have received this communication in error, please immediately notify the sender by telephone or return e-mail and delete this e-mail. Thank You.</span><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif"'><o:p></o:p></span></p></div></body></html>