<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-GB" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><a name="_MailEndCompose"><span style="color:#1F497D;mso-fareast-language:EN-US">Thanks for the assistance both of you. I think there was a more fundamental problem at hand with the install as I backed up preferences.php, internaldomains.conf
& zendto.conf then deployed a new VM and it all works fine this time around. It’s a shame I didn’t find out exactly what was wrong, but at least it’s working and I can get it off my to-do list now.<o:p></o:p></span></a></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:#1F497D;mso-fareast-language:EN-US">Kind Regards,<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></span></p>
<div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><b><span style="color:#1F497D">Craig Gilbert<o:p></o:p></span></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><b><u><span style="color:#1F497D">Systems Architect<o:p></o:p></span></u></b></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:9.0pt;color:#1F497D"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><i><span style="font-size:9.0pt;color:#1F497D">Nexus, Nexus House, St James' Boulevard, Newcastle upon Tyne, NE1 4AX</span></i></span><span style="mso-bookmark:_MailEndCompose"><span style="font-size:9.0pt;color:#1F497D"><o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><i><span style="font-size:9.0pt;color:#1F497D">Tel 0191 203 3268</span></i></span><span style="mso-bookmark:_MailEndCompose"><span style="color:#1F497D"><o:p></o:p></span></span></p>
</div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></span></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> zendto-bounces@zend.to [mailto:zendto-bounces@zend.to]
<b>On Behalf Of </b>Brian Novogradac<br>
<b>Sent:</b> 15 June 2017 19:33<br>
<b>To:</b> ZendTo Users <zendto@zend.to><br>
<b>Subject:</b> Re: [ZendTo] AD Auth issue<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">We had the same issue remember you are talking from linux to windows (which is like French to English IMO
</span><span lang="EN-US" style="font-family:Wingdings;color:#1F497D">J</span><span lang="EN-US" style="color:#1F497D"> )<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">Try putting domain in from of BinduserID. That fixed our exact issue.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">E.G. </span><span style="font-family:Consolas">'authLDAPBindUser1' => 'ADS\zendto',<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">Brian<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> <a href="mailto:zendto-bounces@zend.to">
zendto-bounces@zend.to</a> [<a href="mailto:zendto-bounces@zend.to">mailto:zendto-bounces@zend.to</a>]
<b>On Behalf Of </b>Craig Gilbert<br>
<b>Sent:</b> Wednesday, June 14, 2017 10:07 AM<br>
<b>To:</b> <a href="mailto:zendto@zend.to">zendto@zend.to</a><br>
<b>Subject:</b> [ZendTo] AD Auth issue<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">Hello all,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We are attempting to deploy ZendTo in our environment but are having issues with AD auth.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We have reviewed the page at <a href="http://zend.to/activedirectory.php">
http://zend.to/activedirectory.php</a> and are getting results from the example <span style="font-family:Consolas">
ldapsearch </span>command.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Our AD authenticator settings in <span style="font-family:Consolas">
preferences.php</span> are as follows (redacted identifying info):<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authenticator' => 'AD',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBaseDN1' => 'OU=User Accounts,OU=Company,DC=domain,DC=local',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPServers1' => array(‘dc1.domain.local','dc2.domain.local','dc3.domain.local','dc4.domain.local'),<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPAccountSuffix1' => '@domain.local',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPUseSSL1' => false,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBindUser1' => 'zendto',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBindPass1' => 'password',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPOrganization1' => 'Company',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> // If you are not using this 2nd set of settings for a 2nd AD forest,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> // do not comment them out, but instead set them to be empty.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBaseDN2' => '',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> // Set<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPServers2' => array(),<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> // if you only have to search 1 AD forest/domain.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPServers2' => array(),<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPAccountSuffix2' => '',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPUseSSL2' => false,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBindUser2' => '',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPBindPass2' => '',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:Consolas"> 'authLDAPOrganization2' => ''</span>,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Every time we try to authenticate with a valid user using either a sAMAccountName or userPrincipalName, the error ‘Authentication Error<o:p></o:p></p>
<p class="MsoNormal">The username or password was incorrect.’ Is shown in ZendTo. If it matters, our users are in a Sub-OU of the value in
<span style="font-family:Consolas">authLDAPBaseDN1, </span>however they are shown in the
<span style="font-family:Consolas">ldapsearch</span> command.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Any assistance is greatly appreciated.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Kind Regards,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b>Craig Gilbert<o:p></o:p></b></p>
<p class="MsoNormal"><b><u>Systems Architect<o:p></o:p></u></b></p>
<p class="MsoNormal"><span style="font-size:9.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><i><span style="font-size:9.0pt">Nexus, Nexus House, St James' Boulevard, Newcastle upon Tyne, NE1 4AX</span></i><span style="font-size:9.0pt"><o:p></o:p></span></p>
<p class="MsoNormal"><i><span style="font-size:9.0pt">Tel 0191 203 3268</span></i><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman",serif">**********************************************************************************<br>
Any views or opinions expressed by the sender of this message do not<br>
necessarily represent those of Nexus.<br>
<br>
This message is intended for the addressee only. It is confidential and<br>
may contain private or privileged information. It must not be copied or<br>
its contents disclosed to anyone other than the addressee. If it is<br>
delivered to you in error please destroy all copies of it immediately and<br>
contact the sender.<br>
<br>
Please note that neither Nexus nor the sender accepts any responsibility<br>
for viruses and it is your responsibility to scan or otherwise check this <br>
email and any attachments. <br>
**********************************************************************************<o:p></o:p></span></p>
</div>
**********************************************************************************<br>Any views or opinions expressed by the sender of this message do not<br>necessarily represent those of Nexus.<br><br>This message is intended for the addressee only. It is confidential and<br>may contain private or privileged information. It must not be copied or<br>its contents disclosed to anyone other than the addressee. If it is<br>delivered to you in error please destroy all copies of it immediately and<br>contact the sender.<br><br>Please note that neither Nexus nor the sender accepts any responsibility<br>for viruses and it is your responsibility to scan or otherwise check this <br>email and any attachments. <br>**********************************************************************************</body>
</html>