
Thread: Mac OSX authentication on Mindtouch Core 10.1.3 - "Password Provided? False"

  1. #1

    Mac OSX authentication on Mindtouch Core 10.1.3 - "Password Provided? False"

    I have installed Mindtouch core on 64-bit Ubuntu Server 10.04. Mono version is: 2.10.2. I've been trying to set up LDAP authentication against Open Directory on a Lion server, running 10.7.4. I can't seem to get OSX Open Directory authentication working. Local auth is fine, but when using OSX auth on the main login page, I receive the following error:
    Your login has failed - please verify that your username and password are correct.

    The configuration is as follows:
    Type: native
    SID: sid://mindtouch.com/2007/05/ldap-authentication
    userquery: uid=$1
    bindingdn: uid=$1,cn=users,dc=MYHOSTNAME,dc=MYDOMAIN,dc=com
    searchbase: cn=users,dc=MYHOSTNAME,dc=MYDOMAIN,dc=com
    hostname: <MYLIONSERVERIP> (My DNS works fine, but I saw that even the Mindtouch guys were using an IP here, so I followed suit...)
    Browsing to http://myserver/@api/deki/services/default/49 produces the following error:
    405 Method Not Allowed allowed methods are DELETE
    When I try to login to the wiki using the OSX authentication, I get the following in /var/log/dekiwiki/deki-api.log:
    2012-07-09 20:56:11,373 [DispatchThread #25] WARN MindTouch.Deki.Services.LdapAuthenticationService - GetLdapConnection(Failed to bind to LDAP server: '<MYLIONSERVERIP>' with bindingdn: 'uid=test1,cn=users,dc=MYHOSTNAME,dc=MYHOSTNAME,dc=com'. Password provided? False. Exception: LdapException: (49) Invalid Credentials
    LdapException: Matched DN: )
    Novell.Directory.Ldap.LdapException: Invalid Credentials
    at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000] in <filename unknown>:0
    at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000] in <filename unknown>:0
    at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
    at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
    at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000] in <filename unknown>:0
    at MindTouch.Deki.Services.LdapClient.GetLdapConnectionFromBindingDN (System.String server, System.String bindingdn, System.String password) [0x00000] in <filename unknown>:0

    I found a post regarding the "Password Provided? False" message caused by special characters in passwords. It was determined that this was a bug in the authentication script. I'm not sure if this bug was resolved, but I have changed my test password to an alphanumeric one anyway. However, the issue persists. I've even tried passwords without numbers.

    I have also tried setting the bindingdn to a specific user, and adding the bindingpw key, and using an alphanumeric password for this user. With this configuration, I still get the "Password Provided? False" message.

    Telnet to port 389 from Mindtouch server to Lion server works fine. Running tcpdump on both machines during a login test, I do see the Mindtouch server reaching out to my Lion server on tcp/389. So, it is definitely not a firewall issue. (These servers are on the same subnet, and no iptables or anything like that anyway) The strangest thing about this is that despite seeing the traffic, I don't see an authentication attempt in the log on the Lion / OD side.

    Does anyone have any ideas? Please let me know if there are any additional details I can provide. I'm pretty stumped here... I just started a second fresh install to verify that the issue is reproducible, so I'll post my findings tonight or tomorrow on that endeavor.

    Thanks in advance!
    Last edited by supasledge; 07-10-2012 at 01:45 AM.

  2. #2

    Update after fresh installation

    Ok, so I tried reinstalling from scratch on a new server. I used the same procedure as my first try, to the letter. (I followed documentation I had created the first time through) OSX authentication is configured with the same settings:
    Type: native
    SID: sid://mindtouch.com/2007/05/ldap-authentication
    userquery: uid=$1
    bindingdn: uid=$1,cn=users,dc=MYHOSTNAME,dc=MYDOMAIN,dc=com
    searchbase: cn=users,dc=MYHOSTNAME,dc=MYDOMAIN,dc=com
    hostname: <MYLIONSERVERIP>
    It worked on the first try! I wish I could tell what went wrong the first time, but the new install seems to be working for now. Apologies to anyone who reads this huge thread for nothing!
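Added example (not part of the thread and not MindTouch code): a small Python triage helper for the "Failed to bind to LDAP server" line quoted in the first post. It extracts the server, the bind DN, the "Password provided?" flag and the LDAP result code, then compares the DN that was actually sent with the configured `bindingdn` template. The regex is inferred from that one log excerpt; the sample line, IP address, DN values and all function names are constructed for illustration.

```python
import re

# Shape inferred from the deki-api.log excerpt in the first post (assumption:
# other MindTouch versions may word the message differently).
BIND_FAIL = re.compile(
    r"Failed to bind to LDAP server: '(?P<server>[^']*)' "
    r"with bindingdn: '(?P<dn>[^']*)'\. "
    r"Password provided\? (?P<pw>True|False)\. "
    r"Exception: LdapException: \((?P<code>\d+)\)"
)

def normalize_dn(dn):
    """Simplified DN comparison form: drop whitespace around '=' and ',',
    lower-case. Does not handle escaped commas inside attribute values."""
    return re.sub(r"\s*([=,])\s*", r"\1", dn.strip()).lower()

def expand_template(template, username):
    """Substitute the login name for $1, as the bindingdn setting does."""
    return template.replace("$1", username)

def diagnose(line, template, username):
    """Return parsed fields plus findings, or None if the line is unrelated."""
    m = BIND_FAIL.search(line)
    if m is None:
        return None
    findings = []
    actual = normalize_dn(m["dn"])
    if actual != normalize_dn(expand_template(template, username)):
        findings.append("bind DN differs from configured template")
    if m["pw"] == "False":
        findings.append("service reports no password was supplied to the bind")
    if m["code"] == "49":
        findings.append("server returned invalidCredentials (49)")
    return {"server": m["server"], "dn": actual, "findings": findings}

# Constructed sample values (192.0.2.10 is a documentation address).
TEMPLATE = "uid=$1,cn=users,dc=od,dc=example,dc=com"
SAMPLE = (
    "2012-01-01 00:00:00,000 [DispatchThread #1] WARN "
    "MindTouch.Deki.Services.LdapAuthenticationService - GetLdapConnection("
    "Failed to bind to LDAP server: '192.0.2.10' with bindingdn: "
    "'uid=test1,cn=users,dc=od,dc=od,dc =com'. Password provided? False. "
    "Exception: LdapException: (49) Invalid Credentials"
)

if __name__ == "__main__":
    for finding in diagnose(SAMPLE, TEMPLATE, "test1")["findings"]:
        print("-", finding)
```

A DN mismatch points at the service configuration, while a missing password points at the login path before the bind; either finding is worth ruling out before looking at the directory server itself.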
