| ... |
... |
@@ -1,0 +1,4 @@ |
|
1 |
+Is the example AD configuration above the right way to do things? |
|
2 |
+My understanding is that the bind_DN and bind_pass are for setting the username and password XWiki will use to connect to the LDAP server in order to do a search, then the UID_attr field is searched for the username entered on the form. |
|
3 |
+If that is correct then the bind_dn and bind_pass should either be hardcoded to a special AD user with restricted privileges, or left blank to bind anonymously. |
|
4 |
+I have tried the first of these: XWiki then seems to 'authenticate OK' whatever username/password I enter on the form even if the user does not exist in AD at all. |
