<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-cite-prefix">On 18/01/2013 09:27, Mike Brudenell
wrote:<br>
</div>
<blockquote
cite="mid:CAPXCWasYiSZbx9s+WeFTyt7XRkzP98x4CCwtiPhnCxbPc64Sjg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">Hi, Jules!</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 18 January 2013 09:08, Jules <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:Jules@zend.to" target="_blank">Jules@zend.to</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">If they were
originally arrays in my default file, they need to be
arrays still, even empty ones.</div>
</blockquote>
<div><br>
</div>
<div style="">Looking at preferences.php in the current
4.11-6 release (which I guess is similar to/the same as
the versions we're running) it says:</div>
<div style=""><br>
</div>
<div style="">
<div><font face="courier new, monospace"> // If you are
not using this 2nd set of settings for a 2nd AD
forest,</font></div>
<div><font face="courier new, monospace"> // do not
comment them out, but instead set them to be empty.</font></div>
<div><font face="courier new, monospace">
'authLDAPBaseDN2' =>
'DC=soton,DC=ac,DC=uk',</font></div>
<div><font face="courier new, monospace">
'authLDAPServers2' => array('<a
moz-do-not-send="true" href="http://ad1.soton.ac.uk">ad1.soton.ac.uk</a>','<a
moz-do-not-send="true" href="http://ad2.soton.ac.uk">ad2.soton.ac.uk</a>'),</font></div>
<div><font face="courier new, monospace">
'authLDAPAccountSuffix2' => '@<a
moz-do-not-send="true" href="http://soton.ac.uk">soton.ac.uk</a>',</font></div>
<div><font face="courier new, monospace">
'authLDAPUseSSL2' => false,</font></div>
<div><font face="courier new, monospace">
'authLDAPBindUser2' => 'SecretUsername2',</font></div>
<div><font face="courier new, monospace">
'authLDAPBindPass2' => 'SecretPassword2',</font></div>
<div><font face="courier new, monospace">
'authLDAPOrganization2' => 'University of
Southampton',</font></div>
<div><br>
</div>
<div style="">Not being terribly familiar with PHP we took
this literally and set the values to be blank — ie, ''.</div>
<div style=""><br>
</div>
<div style="">It was only yesterday by luck that I spotted
the comment earlier on in the file about the forest1
preferences which says:</div>
<div style=""><br>
</div>
<div style="">
<div> // Settings for the 2-forest/2-domain AD
authenticator.</div>
<div> // Set </div>
<div> // 'authLDAPServers2' => array(),</div>
<div> // if you only have to search 1 AD forest/domain.</div>
<div><br>
</div>
<div style="">that made me realise we'd got it wrong.
Perhaps this note should be moved down in to just
above the forest2 preferences to help people spot it?</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
Good idea. Will do.<br>
<blockquote
cite="mid:CAPXCWasYiSZbx9s+WeFTyt7XRkzP98x4CCwtiPhnCxbPc64Sjg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div style="">
<div style="">
<div style=""><br>
</div>
<div style="">In passing (and it may not make much
difference given the bailout test is made against the
authLDAPServer2 variable) should we have set
authLDAPUseSSL2 (a boolean) to be either true or false
here rather than '' as well? (It's false in your
original file but we blindly set it to '' too as per
the current comment.)</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
Yes, it should be true or false.<br>
<blockquote
cite="mid:CAPXCWasYiSZbx9s+WeFTyt7XRkzP98x4CCwtiPhnCxbPc64Sjg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div style="">
<div style="">
<div style=""><br>
</div>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
Aha! Many thanks! :-)<br>
<br>
Yes, just looked at the code, you're totally right.</div>
</blockquote>
</div>
<br>
Phew! I was beginning to think I was barking up the wrong tree
and wasting your time. No problem at all: our users here
really appreciate ZendTo. I'm currently trying to resist
switching the CAPTCHA to AreYouAHuman … I may seek comments
from our support office. :-)</div>
</div>
</blockquote>
I would give AreYouAHuman a go, I suspect your users will much
prefer it. The Google one can be really awkward sometimes. The only
duff bit is the audio version doesn't really work, but I haven't
tried the audio version of the Google one so it may not be much
better. Apparently if it's too audible, the botnets can transcribe
it and crack it really easily. A bit of a lose-lose situation there,
unfortunately.<br>
<br>
One thing to note in the AreYouAHuman setup, in their management
"portal" you have to set the game type to "Embedded" and not the
default "Light Box".<br>
<br>
Cheers,<br>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng MBCS CITP CEng
'People will believe a big lie sooner than a little one, and if you
repeat it frequently enough people will sooner or later believe
it.' - Walter Langer
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To">www.Zend.To</a>
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
</pre>
</body>
</html>