#foswiki 2016-03-31,Thu

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
foswiki_irc6hey guiseeee
quick question, should I worry about deprecated handlers?
[00:02]
gac410foswiki_irc6: probably not. [00:06]
foswiki_irc6great, thanks gac
helpful as always
[00:06]
gac410I suppose someday we might actually remove deprecated handlers, [00:08]
foswiki_irc6I thought deprecated handlers were a problem with perl [00:10]
***ChanServ sets mode: +o Lynnwood [00:10]
gac410No, they are just evolution of foswiki. unrelated to perl.... I assume we are talking about the same thing - the report in System.InstalledPlugins [00:12]
............. (idle for 1h2mn)
***ChanServ sets mode: +o Lynnwood [01:14]
.......... (idle for 46mn)
ChanServ sets mode: +o Lynnwood [02:00]
........ (idle for 35mn)
GithubBot[distro] gac410 pushed 3 new commits to Release02x01: https://git.io/vVsZA
distro/Release02x01 9bb3a99 George Clark: Item13989: Allow selected topics to get guest sessions....
distro/Release02x01 96d3f39 George Clark: Item13989: Make guest sessions a bit more persistent...
distro/Release02x01 49d7837 George Clark: Item13989: remove extraneous commas...
[02:35]
***GithubBot has left [02:35]
FoswikiBothttp://foswiki.org/Tasks/Item13989 [ Item13989: When you disable guest sessions you also disable all registration and reset of password ] [02:35]
................... (idle for 1h34mn)
***gac410 has left [04:09]
.................................................. (idle for 4h6mn)
ChanServ sets mode: +o MichaelDaum [08:15]
............................... (idle for 2h31mn)
ChanServ sets mode: +o Lynnwood [10:46]
..... (idle for 21mn)
foswiki_irc6hello, I have a problem setting up foswiki on a debian server with ldap connection
foswiki is running normally but the connection with our ldap is not functioning. I already installed LdapContrib and LdapNgPlugin (which is giving me a red error symbol under configure and I dont know why)
Can anyone help me and what do you need from me?
[11:07]
MichaelDaumhi, foswiki_irc6
first, try the ldaptest script in the <foswiki-dir>/tools/ directory
edit it to your needs and give it a spin
[11:09]
foswiki_irc6I already did that and it can connect and gives back results and entries [11:11]
MichaelDaumthis will rule out any errors with regards to basic perl dependencies and connectivity to your ldap server
ah ok
good
so did you use the same settings in that script in your LocalSite.cfg as well?
[11:11]
foswiki_irc6in the apache2 error I get: LdapPasswdUser - called checkPassword("Firstname" "LastName", passU) [11:12]
MichaelDaumlocated in lib/LocalSite.cfg (normally maintained via the configure web interface, but you can edit manually as well if you like) [11:12]
foswiki_irc6yes I did
LdapPasswdUser - dn not found
[11:12]
MichaelDaumseems like the LoginBase and/or the LoginFilter fail
^fail^prevent the user record from being found
[11:13]
foswiki_irc6The base is good because i tried it with teh test and it gave me back the suers with all the attributes [11:13]
MichaelDaumokay
so whats the LoginFilter
[11:13]
foswiki_irc6where can i find that? [11:14]
MichaelDaumgrep LoginFilter lib/LocalSite.cfg [11:14]
foswiki_irc6it is empty
$Foswiki::cfg{Ldap}{LoginFilter} = ''
[11:14]
MichaelDaumwhich ldap server are you using? [11:14]
foswiki_irc6ldap on a windows 2008 R2 server [11:14]
MichaelDaumactive directory [11:15]
foswiki_irc6yes [11:15]
MichaelDaumset it to (&(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
means: filter for (1) persons (2) that are "enabled"
LoginAttribute: sAMAccountName
GroupFilter: objectClass=group
GroupAttribute: cn
MemberAttribute: member
MemberIndirection: true
WikiNameAttributes: cn ... or similar
[11:15]
foswiki_irc6ok that is the other part we are unsin intern a login name like: first 7 letters of the alst name and first letter of the first name so not the full name like for example "john Jackson"
what do i need to set for the loginname if I want to use the jacksonj type
[11:19]
MichaelDaumset AllowLoginName to true
and then use the property as defined in LoginAttribute
[11:20]
foswiki_irc6for the "MemberIndirection" it was set to 0 shouldnt it be 1 instead of true? [11:23]
MichaelDaumy [11:33]
foswiki_irc6ok i set everything you said and now i get this when i want to login : Action "viewauth": viewauth requires authentication by user WikiGuest.
Login is: LdapTemplateLogin and Mapping is: LdapUserMapping and Password is: LdapPasswdUser
[11:35]
MichaelDaumprobably your apache config
or whatever web server you are using
[11:38]
foswiki_irc6apache2
2.2
[11:38]
MichaelDaumdid you set any "require valid user" in apache? [11:40]
foswiki_irc6No I have set for bin: allow from all and for pub: allow from all , deny from env=blockAccess
and for bin: AuthType C with the LDAP parameters
[11:45]
MichaelDaumplease remove any auth from apache config
this is done by foswiki
[11:46]
foswiki_irc6oik [11:46]
I removed the auth parameters but still get the message: Action "viewauth": viewauth requires authentication by user WikiGuest
and restarted the apache
[11:53]
MichaelDaumdid you got to http://.../viewauth/Web/Topic directly? [11:55]
foswiki_irc6I can get the default website under /foswiki the welcome site
and when i click on lok in i get the error message
also the foswiki/Main/WebHome is working
[11:56]
MichaelDaumwhich error is that
visiting /foswiki/bin/ogin
[11:57]
foswiki_irc6Access check on "Main.WebHome" failed. Action "viewauth": viewauth requires authentication by user WikiGuest. yes wisiting the login
*visiting
[11:58]
MichaelDaumplease close your browser and start again
at http://.../foswiki/bin/login/System/WebHome
it should render the template login dialog
try this: $Foswiki::cfg{Ldap}{SecondaryPasswordManager} = 'none';
[11:59]
foswiki_irc6I get the error message I wrote earlier [12:01]
MichaelDaumtry $Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin'; [12:02]
FoswikiBothttp://trunk.foswiki.org/System/PerlDoc?module=Foswiki::LoginManager::TemplateLogin [12:02]
MichaelDaumFoswikiBot, thanks [12:02]
FoswikiBotMichaelDaum: Search me, bub. [12:02]
foswiki_irc6ok then i get the login mask
but the login with teh ldap credentioals still doesnt work
[12:04]
MichaelDaumdid you set AllowLoginName? [12:05]
foswiki_irc6yes: $Foswiki::cfg{Register}{AllowLoginName} = 1;
this is what the ldap settings look like: http://pastebin.com/uYb3Fzxp
i can paste my whole config if it is easier
[12:06]
MichaelDaumokay now go to <foswiki-dir>/bin
and do ./view refreshldap=on >/dev/null
see what happens
[12:15]
***ChanServ sets mode: +o Lynnwood [12:17]
foswiki_irc6Wow thank you that one did the trick :D
and how do i get some kind of sso working?
thank you very much for the help
and how do I set the ldap refresh to a daily job?
[12:17]
MichaelDaumhave a look at the docu https://foswiki.org/Extensions/LdapContrib#Updating_the_LDAP_cache_using_a_cronjob
there's also sso docu using KerberosLogin
[12:30]
foswiki_irc6so it only works with kerberos? there is no workaround? [12:31]
MichaelDaumkerberos is an integral part of active directory
in such an environment it is first choice to implement any single sign on
[12:33]
foswiki_irc6ok then i have to look into that [12:35]
........ (idle for 37mn)
***ChanServ sets mode: +o Lynnwood [13:12]
ChanServ sets mode: +o gac410 [13:24]
..... (idle for 21mn)
gac410Hi all... I patched foswiki.org with the changes from the Item13989 branch, and disabled guest sessions. So far things seem okay. Has anyone noticed any issues? [13:45]
FoswikiBothttp://foswiki.org/Tasks/Item13989 [ Item13989: When you disable guest sessions you also disable all registration and reset of password ] [13:45]
gac410f.o went from 17000 sessions to 98. [13:45]
................ (idle for 1h18mn)
foswiki_irc6I have a problem: foswiki/Main/WikiGroups isnt opening for me as admin I get a site timeout [15:03]
MichaelDaumfoswiki_irc6, thats normal :D
lots of ldap groups imported with lots of members in it.
something the normal WikiGroups interface can't handle
[15:06]
foswiki_irc6ok hmm we have two dn from which i need to collect the users, who do i write that in the cfg file? [15:08]
***ChanServ sets mode: +o Lynnwood [15:08]
MichaelDaumnot possible
wait
you mean two dns
not two servers
[15:08]
foswiki_irc6no not two servers. we have ou=x1, ou=x2, dc=1,dc=2
the ou's are on the same level
[15:09]
MichaelDaum$Foswiki::cfg{Ldap}{UserBase} = ['ou=x1,dc=x1', 'ou=x2,dc=1,dc=2'];
[...] means array
'...' means string
separated by commas
[15:10]
foswiki_irc6ah the comma. I forgat that little one [15:11]
........ (idle for 37mn)
***JulianLevens has left [15:48]
........ (idle for 35mn)
foswiki_irc6if i add a user to a group with its login name it gets and with "first name, last name", how can I change that to "cn"? [16:23]
..... (idle for 24mn)
***ChanServ sets mode: +o Lynnwood [16:47]
............................................... (idle for 3h50mn)
ChanServ sets mode: +o Lynnwood [20:37]
....... (idle for 34mn)
ChanServ sets mode: +o Lynnwood [21:11]
........ (idle for 37mn)
ChanServ sets mode: +o Lynnwood [21:48]
...... (idle for 29mn)
ChanServ sets mode: +o Lynnwood [22:17]
.......... (idle for 45mn)
ChanServ sets mode: +o Lynnwood [23:02]
ChanServ sets mode: +o Lynnwood [23:16]
......... (idle for 40mn)
ChanServ sets mode: +o Lynnwood [23:56]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)