<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; "><div><div>Hello,</div><div><br></div><div>I am having issues getting LDAP?AD authentication to work. I have read the archives and they all mention using ldapsearch to test your settings but I am not sure exactly how the ldapsearch strings match the fields in the preferences.php file.</div><div><br></div><div>If I run the following ldapsearch, which seems to be the shortest string that will return the expected results, (items in brackets are of course substituted with valid information) :</div><div><br></div><div><blockquote style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 40px; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><div><i>~$ ldapsearch -w <mypassword> -D LDAP@<domain>.local -H ldap://<server ip> -b "ou=AllowedUsers,ou=Users,ou=MyBusiness,dc=<domain>,dc=local" sAMAccountName</i></div></blockquote><div><br></div><div> I get a list of the users in the AllowedUsers OU so it looks like I can query the LDAP server. However when I try and translate this to the preferences.php file I get:</div><div><br></div><blockquote style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 40px; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><div><span class="Apple-tab-span" style="white-space: pre; "></span><i>LDAP Error: Unable to connect to any of the LDAP servers; could not authenticate user.</i></div><div><i>Authentication Error: The username or password was incorrect.</i></div></blockquote></div><blockquote style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 40px; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><div><br></div></blockquote><div>I currently have both LDAP and AD active in the preference.php file to see if I could get either to work which is why I assume I am getting two error messages. </div><div><br></div><div>Can someone help me determine what information goes in which field based on this search string? One other thing to note. While the users that will be logging in the base dn <i>"ou=AllowedUsers,ou=Users,ou=MyBusiness,dc=<domain>,dc=local"</i> the <a href="mailto:LDAP@domain.local">LDAP@domain.local</a> account with lookup permissions in in a different base dn <i>"ou=Users,dc=<domain>,dc=local".</i></div><div><br></div><div>Thanks for any/all help!</div><div><br></div><div>- Craig</div></div><div><br></div></body></html>