With the switch from PEAR Net_LDAP2 to Zend\Ldap, the LDAP authentication to the AD is broken in Tiki 19.1.
With exactly the same configuration as with Tiki 18.3, I get this error message in the Action Log:
Error: 0x31 (Invalid credentials; 80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e, v1db1): sAMAccountName=wiebe.oudshoorn,cn=users,dc=moba-bv,dc=local at line 262 in D
I have done some research with Wireshark to inspect the packets from and to the LDAP server when someone logs in to the wiki:
It's very clear where this is going wrong. It's trying to do a bind request with only the username instead of username at domain.url (row 355 in 18.3 screenshot vs row 239 in 19.1 screenshot).
This happens even though the LDAP bind type is set to 'AD', so according to lib\auth\ldap.php row 184 it should add the correct information to the bind request instead of performing a 'plain' bind.
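
For triaging an Action Log line like the one in this report, the following added example (not code from Tiki or Zend\Ldap) parses the AD error text, decodes the "data" sub-code and classifies the form of the bind name that was sent. The sample line is constructed in the shape of the reported one, and the function names and the RDN heuristic are assumptions of this sketch.

```python
import re

# Win32 logon error codes that AD reports, in hex, in the "data" field.
AD_SUBCODES = {
    "525": "user not found",
    "52e": "logon failure: unknown user name or bad password",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must change password",
    "775": "account locked out",
}

LINE_RE = re.compile(
    r"Error: (?P<code>0x[0-9a-fA-F]+) \((?P<text>[^;]+); [0-9A-Fa-f]+: LdapErr: "
    r"(?P<dsid>DSID-[0-9A-Fa-f]+), comment: AcceptSecurityContext error, "
    r"data (?P<data>[0-9a-fA-F]+), v[0-9a-fA-F]+\): (?P<bind>.+?) at line"
)

def classify_bind_name(name):
    """Return the form of a simple-bind identity (heuristic, assumption)."""
    if re.fullmatch(r"[^@\\,=]+@[^@\\,=]+", name):
        return "upn"            # user@domain
    if re.fullmatch(r"[^@\\,=]+\\[^@\\,=]+", name):
        return "down-level"     # DOMAIN\user
    if "=" in name:
        # AD user objects are named by CN; another leading attribute
        # suggests a DN assembled from a login attribute, not a real entry.
        first_attr = name.split("=", 1)[0].strip().lower()
        return "dn" if first_attr in ("cn", "ou", "uid") else "dn-unusual-rdn"
    return "bare"               # user name only

def parse_error(line):
    """Extract result code, sub-code meaning and bind name from a log line."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    info = m.groupdict()
    info["meaning"] = AD_SUBCODES.get(info["data"].lower(), "unknown sub-code")
    info["bind_form"] = classify_bind_name(info["bind"])
    return info

# Constructed sample in the shape of the Action Log entry.
SAMPLE = ("Error: 0x31 (Invalid credentials; 80090308: LdapErr: DSID-0C090400, "
          "comment: AcceptSecurityContext error, data 52e, v1db1): "
          "sAMAccountName=jdoe,cn=users,dc=example,dc=local at line 262 in D")

if __name__ == "__main__":
    print(parse_error(SAMPLE))
```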