• Resolved hogsim

    (@hogsim)


    Hi,
    I’m using this great plugin with some WordPress sites.
    But I have an issue. I found that my users can log in with their UPN on the Active Directory, but if the UPN is not the same as the SAM, the plugin can’t load the attributes with the array.
    In our school we only use the UPN because the SAM, as it’s restricted to only 20 chars, is a randomly generated string.
    Is there a way to only use the UPN?

    Here are the 2 examples:
    With the same UPN and SAM:

    AD Integration Logon Test

    openLDAP installed

    [INFO] method authenticate() called
    [INFO] ——————————————
    PHP version: 7.0.2
    WP version: 4.5
    ADI version: 1.1.8
    OS Info : Linux 64208505daa9 4.5.1-1.el7.elrepo.x86_64 #1 SMP Sat Apr 16 11:42:12 EDT 2016 x86_64
    Web Server : fpm-fcgi
    adLDAP ver.: 3.3.2 EXTENDED (201302271401)
    ——————————————
    [INFO] LDAP paging: enabled
    [NOTICE] @domain found.
    [NOTICE] user domain “@elmarche.be” in list of account suffixes.
    [NOTICE] username: test.test
    [NOTICE] password: **not shown**
    [INFO] Options for adLDAP connection:
    – account_suffix: @elmarche.be
    – base_dn: ou=ELMA,dc=ELMARCHE,DC=BE
    – domain_controllers: 10.11.20.1
    – ad_port: 389
    – use_tls: 0
    – network timeout: 5
    [INFO] Checking domain controller ports:
    [INFO] – 10.11.20.1:389 – OK
    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 0
    [NOTICE] trying account suffix “@elmarche.be”
    [NOTICE] Authentication successfull for “[email protected]
    [NOTICE] cleaning up failed logins for user “test.test”
    [DEBUG] ATTRIBUTES TO LOAD: Array
    (
    [0] => cn
    [1] => givenname
    [2] => sn
    [3] => displayname
    [4] => description
    [5] => mail
    [6] => samaccountname
    [7] => userprincipalname
    [8] => useraccountcontrol
    )

    [DEBUG] USERINFO[0]:
    Array
    (
    [cn] => Array
    (
    [count] => 1
    [0] => test test
    )

    [0] => cn
    [sn] => Array
    (
    [count] => 1
    [0] => test
    )

    [1] => sn
    [givenname] => Array
    (
    [count] => 1
    [0] => test
    )

    [2] => givenname
    [displayname] => Array
    (
    [count] => 1
    [0] => test test
    )

    [3] => displayname
    [useraccountcontrol] => Array
    (
    [count] => 1
    [0] => 66048
    )

    [4] => useraccountcontrol
    [objectsid] => Array
    (
    [count] => 1
    [0] => }??rO???1
    )

    [5] => objectsid
    [samaccountname] => Array
    (
    [count] => 1
    [0] => test.test
    )

    [6] => samaccountname
    [userprincipalname] => Array
    (
    [count] => 1
    [0] => [email protected]
    )

    [7] => userprincipalname
    [mail] => Array
    (
    [count] => 1
    [0] => [email protected]
    )

    [8] => mail
    [count] => 9
    [dn] => CN=test test,OU=Teachers,OU=ELMA,DC=elmarche,DC=be
    )

    [NOTICE] Updating user “test.test” with following data:
    – email : [email protected]
    – first name : test
    – last name : test
    – display name : test.test
    – account suffix: @elmarche.be
    – role : administrator
    [NOTICE] – user_id : 989
    [DEBUG] cn = test test / type = string / meta key = adi_cn
    [DEBUG] givenname = test / type = string / meta key = adi_givenname
    [DEBUG] sn = test / type = string / meta key = adi_sn
    [DEBUG] displayname = test test / type = string / meta key = adi_displayname
    [DEBUG] description is empty. Local value of meta key adi_description left unchanged.
    [DEBUG] mail = [email protected] / type = string / meta key = adi_mail
    [DEBUG] samaccountname = test.test / type = string / meta key = adi_samaccountname
    [DEBUG] userprincipalname = [email protected] / type = string / meta key = adi_userprincipalname
    [DEBUG] useraccountcontrol = 66048 / type = string / meta key = adi_useraccountcontrol
    [NOTICE] FINISHED

    User logged on.

    With different ones:

    AD Integration Logon Test

    openLDAP installed

    [INFO] method authenticate() called
    [INFO] ——————————————
    PHP version: 7.0.2
    WP version: 4.5
    ADI version: 1.1.8
    OS Info : Linux 64208505daa9 4.5.1-1.el7.elrepo.x86_64 #1 SMP Sat Apr 16 11:42:12 EDT 2016 x86_64
    Web Server : fpm-fcgi
    adLDAP ver.: 3.3.2 EXTENDED (201302271401)
    ——————————————
    [INFO] LDAP paging: enabled
    [NOTICE] @domain found.
    [NOTICE] user domain “@elmarche.be” in list of account suffixes.
    [NOTICE] username: test.test
    [NOTICE] password: **not shown**
    [INFO] Options for adLDAP connection:
    – account_suffix: @elmarche.be
    – base_dn: ou=ELMA,dc=ELMARCHE,DC=BE
    – domain_controllers: 10.11.20.1
    – ad_port: 389
    – use_tls: 0
    – network timeout: 5
    [INFO] Checking domain controller ports:
    [INFO] – 10.11.20.1:389 – OK
    [NOTICE] adLDAP object created.
    [INFO] max_login_attempts: 0
    [NOTICE] trying account suffix “@elmarche.be”
    [NOTICE] Authentication successfull for “[email protected]
    [NOTICE] cleaning up failed logins for user “test.test”
    [DEBUG] ATTRIBUTES TO LOAD: Array
    (
    [0] => cn
    [1] => givenname
    [2] => sn
    [3] => displayname
    [4] => description
    [5] => mail
    [6] => samaccountname
    [7] => userprincipalname
    [8] => useraccountcontrol
    )

    [DEBUG] USERINFO[0]:

    [NOTICE] Updating user “test.test” with following data:
    – email : [email protected]
    – first name :
    – last name :
    – display name : test.test
    – account suffix:
    – role :
    [NOTICE] – user_id : 989
    [DEBUG] cn is empty. Local value of meta key adi_cn left unchanged.
    [DEBUG] givenname is empty. Local value of meta key adi_givenname left unchanged.
    [DEBUG] sn is empty. Local value of meta key adi_sn left unchanged.
    [DEBUG] displayname is empty. Local value of meta key adi_displayname left unchanged.
    [DEBUG] description is empty. Local value of meta key adi_description left unchanged.
    [DEBUG] mail is empty. Local value of meta key adi_mail left unchanged.
    [DEBUG] samaccountname is empty. Local value of meta key adi_samaccountname left unchanged.
    [DEBUG] userprincipalname is empty. Local value of meta key adi_userprincipalname left unchanged.
    [DEBUG] useraccountcontrol is empty. Local value of meta key adi_useraccountcontrol left unchanged.
    [NOTICE] FINISHED

    User logged on.

    Thanks,

    https://www.ads-software.com/plugins/active-directory-integration/
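
The difference between the two runs above can be checked mechanically. This is an added example, not part of the original post or the plugin's code: a small Python checker for Logon Test output that flags a logon which authenticated but loaded no directory attributes, so that role, mail and useraccountcontrol keep their previous local values. The sample log is constructed in the format shown above, and the function and field names are hypothetical.

```python
import re

# Constructed sample in the log format of the failing run above (values are made up).
SAMPLE_LOG = """\
[INFO] Options for adLDAP connection:
– ad_port: 389
– use_tls: 0
[NOTICE] Authentication successfull for “jane.doe@example.test”
[DEBUG] USERINFO[0]:

[NOTICE] Updating user “jane.doe” with following data:
– first name :
– role :
[DEBUG] cn is empty. Local value of meta key adi_cn left unchanged.
[DEBUG] useraccountcontrol is empty. Local value of meta key adi_useraccountcontrol left unchanged.
[NOTICE] FINISHED
"""

TAG = re.compile(r"\[[A-Z]+\]")  # log-level prefix; array dump keys like [cn] are lowercase
AUTH_OK = re.compile(r"\[NOTICE\] Authentication successfull for “([^”]+)")
STALE = re.compile(r"\[DEBUG\] \w+ is empty\. Local value of meta key (\w+) left unchanged")

def audit_logon_test(log):
    """Summarise one Logon Test output; flags logons that loaded no AD attributes."""
    lines = [ln.strip() for ln in log.splitlines()]
    out = {"authenticated": None, "no_tls": False,
           "userinfo_empty": False, "role_empty": False, "stale_meta": []}
    for i, ln in enumerate(lines):
        if (m := AUTH_OK.match(ln)):
            out["authenticated"] = m.group(1)
        elif re.fullmatch(r"[–-]\s*use_tls:\s*0", ln):
            out["no_tls"] = True  # the log reports use_tls: 0 for the LDAP connection
        elif ln.startswith("[DEBUG] USERINFO[0]:"):
            # A loaded entry is dumped as "Array ( ... )" before the next tagged line.
            dump = []
            for nxt in lines[i + 1:]:
                if TAG.match(nxt):
                    break
                dump.append(nxt)
            out["userinfo_empty"] = not any(dump)
        elif re.fullmatch(r"[–-]\s*role\s*:", ln):
            out["role_empty"] = True
        elif (m := STALE.match(ln)):
            out["stale_meta"].append(m.group(1))
    # Authenticated, yet nothing was read back from the directory for this user.
    out["silent_attribute_failure"] = bool(out["authenticated"]) and out["userinfo_empty"]
    return out

if __name__ == "__main__":
    for key, value in audit_logon_test(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```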

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Problem with SAM’ is closed to new replies.