See https://www.mediawiki.org/w/index.php?title=Topic:V4gurdvayerj1x6p&topic_showPostId=v4gxs0jmxp5qu4s5#flow-post-v4gxs0jmxp5qu4s5

Hi,

There is an error in exception file MappingException.php which inherits from ConfigException: there is a double call to I18nTrait which cause an error (call to parent constructor is wrong)

Here is ConfigException.php

Hi,
I got an error when log in to mediawiki, with AD authentication. But the authentication works fine, I'm logged in if I go to another page or refresh the page.

[6097cfd71bb697126e7212c6] /index.php?title=Sp%C3%A9cial:Connexion&returnto=Accueil Shanept\LdapAuth\Exceptions\MappingException from line 108 of /var/www/mediawiki/extensions/LdapAuth/src/Groups/LdapGroupSync.php: No domain found for "vincent".

Backtrace:

#0 /var/www/mediawiki/extensions/LdapAuth/src/Groups/LdapGroupSync.php(93): Shanept\LdapAuth\Groups\LdapGroupSync->populateGroups()
#1 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(188): Shanept\LdapAuth\Groups\LdapGroupSync->map()
#2 /var/www/mediawiki/includes/auth/AuthManager.php(2441): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->postAuthentication(User, MediaWiki\Auth\AuthenticationResponse)
#3 /var/www/mediawiki/includes/auth/AuthManager.php(694): MediaWiki\Auth\AuthManager->callMethodOnProviders(integer, string, array)
#4 /var/www/mediawiki/includes/auth/AuthManager.php(383): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#5 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(353): MediaWiki\Auth\AuthManager->beginAuthentication(array, string)
#6 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#7 /var/www/mediawiki/includes/htmlform/HTMLForm.php(665): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#8 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()
#9 /var/www/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(317): AuthManagerSpecialPage->trySubmit()
#10 /var/www/mediawiki/includes/specialpage/SpecialPage.php(569): LoginSignupSpecialPage->execute(NULL)
#11 /var/www/mediawiki/includes/specialpage/SpecialPageFactory.php(568): SpecialPage->run(NULL)
#12 /var/www/mediawiki/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#13 /var/www/mediawiki/includes/MediaWiki.php(860): MediaWiki->performRequest()
#14 /var/www/mediawiki/includes/MediaWiki.php(517): MediaWiki->main()
#15 /var/www/mediawiki/index.php(42): MediaWiki->run()
#16 {main}

It's like no domain was specified for the object user.
The domain is selected with the select menu.
I use mediawiki 1.32 and my configuration is :

wfLoadExtension( 'LdapAuth' );
$wgLdapAuthDomainNames = 'FOO.LAB';
$wgLdapAuthServers = 'dc.foo.lab';
$wgLdapAuthBindDN = 'FOO\mediawiki';
$wgLdapAuthBindPass = ;
$wgLdapAuthIsActiveDirectory = true;
$wgLdapAuthRequireDomain = true;
$wgLdapAuthBaseDN = "dc=FOO,dc=LAB";

Thanks,
Vincent

Hello partners

I have been trying to configure authentication with Active Directory and I could not achieve it

This is the configuration of my file /var/www/html/mediawiki/LocalSettings.php

wfLoadExtension ('LdapAuth');
$ wgLdapAuthDomainNames = 'FOO.LOCAL';
$ wgLdapAuthServers = '192.168.0.1';
$ wgLdapAuthBindDN = '[email protected]';
$ wgLdapAuthBindPass = 'foopassword';
$ wgLdapAuthIsActiveDirectory = true;

and when I try to authenticate I just get the error

[XNtsVFxeuxQZiymEsXdDxwAAAAI] 2019-05-15 01:33:08: Fatal exception of type "Error"

and the most mysterious thing is that the time is not correct despite configuring the php.ini and the LocalSettings.php file

It looks like a bug in the code is somehow getting only the first character of the default value of $wgLdapAuthUsernameField (which is "sAMAccountName") and returning that.

My LocalSettings.php are:

LdapAuth config

wfLoadExtension( 'LdapAuth' );

$wgLdapAuthDomainNames = [

'SNRT'

];

$wgLdapAuthServers = [

'SNRT' => ['172.16.1.XXX']

];

$wgLdapAuthBindDN = [

'SNRT' => 'CN=ldap_lookup,CN=Users,DC=snrt,DC=io'

];

$wgLdapAuthBindPass = [

'SNRT' => 'BindPass'

];

$wgLdapAuthBaseDN = [

'SNRT' => 'OU=SNRT,DC=snrt,DC=io'

];

//$wgLdapAuthSearchFilter = [

//'SNRT' => '(&(objectClass=SNRT)(displayName=%1$s))'

//];

$wgLdapAuthEncryptionType = [

'SNRT' => 'tls'

];

$wgLdapAuthRequireDomain = false;

$wgLdapAuthIsActiveDirectory = true;

//$wgLdapAuthUseLocal = true;

#Enable Scure Login

$wgSecureLogin = true;

When I try to login using the LdapAuth extension I get the error:

Could not complete search with dn "OU=SNRT,DC=snrt,DC=io", query "(" and filters "s,givenName,sn,displayName,mail". LDAP error was [-7] Bad search filter

Obviously the web-server is trying to communicate with the AD server but the code has errors. This has been the issue all along, the code that the extension lists as configuration settings was misleading. You can't just set a string value in most of the settings, they have to be arrays or you get a php error.

LdapAuth expects $wgLdapAuthDomainNames to be set, but openLDAP cannot handle requests like USERNAME@AUTHDOMAINNAME.

MediaWiki log file:

[authentication] Attempting to bind to LDAP for search with DN "uid=++++1++++,ou=people,dc=++++2++++,dc=++++3++++,dc=++++4++++@++++AUTHDOMAINNAME++++".
[authentication] Bound successfully.
[authentication] Username and Password do not match. Please try again.
[authentication] Invalid DN syntax
[GlobalTitleFail] MessageCache::parse called by Shanept\LdapAuth\Exceptions\ConnectionException->__construct/Exception->__construct/Message->__toString/Message->toString/Message->parseText/MessageCache->parse with no title set.
[authentication] Login failed in primary authentication by Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider

openLDAP log file:

2018-12-11T20:24:42.163198+01:00 ldap slapd[3036]: conn=78930 fd=30 ACCEPT from IP=++++++++:47748 (IP=0.0.0.0:389)
2018-12-11T20:24:42.163465+01:00 ldap slapd[3036]: conn=78930 op=0 BIND dn="uid=++++1++++,ou=people,dc=++++2++++,dc=++++3++++,dc=++++4++++" method=128
2018-12-11T20:24:42.163614+01:00 ldap slapd[3036]: conn=78930 op=0 BIND dn="uid=++++1++++,ou=people,dc=++++2++++,dc=++++3++++,dc=++++4++++" mech=SIMPLE ssf=0
2018-12-11T20:24:42.163775+01:00 ldap slapd[3036]: conn=78930 op=0 RESULT tag=97 err=0 text=
2018-12-11T20:24:42.174979+01:00 ldap slapd[3036]: conn=78930 op=1 BIND anonymous mech=implicit ssf=0
2018-12-11T20:24:42.175155+01:00 ldap slapd[3036]: conn=78930 op=1 do_bind: invalid dn (++++USERNAME++++@++++AUTHDOMAINNAME++++)
2018-12-11T20:24:42.175290+01:00 ldap slapd[3036]: conn=78930 op=1 RESULT tag=97 err=34 text=invalid DN
2018-12-11T20:24:42.224574+01:00 ldap slapd[3036]: conn=78930 op=2 UNBIND
2018-12-11T20:24:42.224859+01:00 ldap slapd[3036]: conn=78930 fd=30 closed

When $wgLdapAuthDomainNames is left empty or set to false an exception occurs.

[exception] [XBAJqy6jcZ8AAAJpZpIAAAAE] /index.php?title=Spezial:Anmelden&returnto=Spezial:Version TypeError from line 100 of /var/www/vhosts/++++++++/httpdocs/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php: Argument 1 passed to Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider::beginPrimaryLdapAuthentication() must be an instance of Shanept\LdapAuth\Auth\LdapAuthenticationRequest, null given, called in /var/www/vhosts/++++++++/httpdocs/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php on line 88

LocalSettings.php

wfLoadExtension( 'LdapAuth' );
$wgLdapAuthDomainNames = '++++AUTHDOMAINNAME++++';
$wgLdapAuthServers = '++++++++';
$wgLdapAuthBindDN = 'uid=++++1++++,ou=people,dc=++++2++++,dc=++++3++++,dc=++++4++++';
$wgLdapAuthBindPass = '++++++++';
$wgLdapAuthSearchFilter = '(&(objectClass=person)(uid=%1$si))';

I was finally able to set up this plugin so that I at least would get the login screen, but trying to log in MediaWiki (1.34) only tells me Could not successfully connect to an LDAP server.
In the Log file I can see

[DBQuery] MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider::beginPrimaryAuthentication [0s] localhost: SELECT user_id,user_newpassword,user_newpass_time FROM mediawikiuser WHERE user_name = 'Rrosner' LIMIT 1
[DBQuery] User::load [0s] localhost: SELECT actor_id,actor_user,actor_name FROM mediawikiactor WHERE actor_na\me = 'Rrosner' LIMIT 1
[authentication] Attempting to bind to LDAP for search with DN "cn=wikiauth,dc=x.yz,dc=[email protected]".
[error] [93f8799260a901f9e9f70920] /index.php/Spezial:Anmelden ErrorException from line 388 of /var/www/mediawiki-1.34.0/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php: PHP Warning: Invalid argument supplied for foreach()
#0 /var/www/mediawiki-1.34.0/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(388): MWExceptionHandler::handleError(integer, string, string, integer, array)
#1 /var/www/mediawiki-1.34.0/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(110): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider-connect(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#2 /var/www/mediawiki-1.34.0/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(88): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryLdapAuthentication(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#3 /var/www/mediawiki-1.34.0/includes/auth/AuthManager.php(458): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryAuthentication(array)
#4 /var/www/mediawiki-1.34.0/includes/auth/AuthManager.php(388): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#5 /var/www/mediawiki-1.34.0/includes/specialpage/AuthManagerSpecialPage.php(354): MediaWiki\Auth\AuthManager->beginAuthentication(array, string)
#6 /var/www/mediawiki-1.34.0/includes/specialpage/AuthManagerSpecialPage.php(484): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#7 /var/www/mediawiki-1.34.0/includes/htmlform/HTMLForm.php(690): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#8 /var/www/mediawiki-1.34.0/includes/specialpage/AuthManagerSpecialPage.php(417): HTMLForm->trySubmit()
#9 /var/www/mediawiki-1.34.0/includes/specialpage/LoginSignupSpecialPage.php(313):
#10 /var/www/mediawiki-1.34.0/includes/specialpage/SpecialPage.php(575): LoginSignupSpecialPage->execute(NULL)
#11 /var/www/mediawiki-1.34.0/includes/specialpage/SpecialPageFactory.php(611): SpecialPage->run(NULL)
#12 /var/www/mediawiki-1.34.0/includes/MediaWiki.php(296): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#13 /var/www/mediawiki-1.34.0/includes/MediaWiki.php(900): MediaWiki->performRequest()
#14 /var/www/mediawiki-1.34.0/includes/MediaWiki.php(527): MediaWiki->main()
#15 /var/www/mediawiki-1.34.0/index.php(44): MediaWiki->run()
#16 {main}

And yes, the BindDN is actually cn=wikiauth,dc=x.yz,dc=de, not cn=wikiauth,dc=x,dc=yz,dc=de.
I'm a bit confused about the "Attempting to bind to LDAP for search with DN "cn=wikiauth,dc=x.yz,dc=[email protected]"." part. Maybe I missed something but the DN looks completely wrong. I'd say it has to be without the @-part.

But I have no clue if the config is even right. I set it to

wfLoadExtension( 'LdapAuth' );                                                                                       
$wgLdapAuthDomainNames = ['x.yz.de'];
$wgLdapAuthServers = ['x.yz.de' => 'auth.x.yz.de'];
$wgLdapAuthBindDN = ['x.yz.de' => 'cn=wikiauth,dc=x.yz,dc=de'];
$wgLdapAuthBindPass = ['x.yz.de' => 'xxxxxxxx'];
$wgLdapAuthEncryptionType = ['x.yz.de' => 'ssl'];
$wgLdapAuthBaseDN = ['x.yz.de' => 'dc=x.yz,dc=de'];
$wgLdapAuthSearchFilter = ['x.yz.de' => '(&(objectClass=inetOrgPerson)(uid=%1$s))'];

I know that with the previous MediaWiki Version we used (1.24) and the Plugin we used then (I think LdapAuthentication), the config was

$wgLDAPDomainNames = array(
  'x',
  );
$wgLDAPServerNames = array(
  'x' => 'auth.x.yz.de',
);
$wgLDAPUseLocal = false;
$wgLDAPEncryptionType = array(
  'x' => 'ssl',
);
$wgLDAPPort = array(
  'x' => 636,
);
$wgLDAPProxyAgent = array(
  'x' => 'cn=wikiauth,dc=x.yz,dc=de',
);
$wgLDAPProxyAgentPassword = array(
  'x' => 'xxxxxxxx',
);
$wgLDAPSearchAttributes = array(
  'x' => 'uid'
);
$wgLDAPBaseDNs = array(
  'x' => 'dc=x.yz,dc=de',
);                                                                                                                  
# To pull e-mail address from LDAP
$wgLDAPPreferences = array(
  'x' => array( 'email' => 'mail')
);
# Group based restriction
$wgLDAPGroupUseFullDN = array( "x"=>false );
$wgLDAPGroupObjectclass = array( "x"=>"posixGroup" );
$wgLDAPGroupAttribute = array( "x"=>"memberUid" );
$wgLDAPGroupSearchNestedGroups = array( "x"=>false );
$wgLDAPGroupNameAttribute = array( "x"=>"cn" );
$wgLDAPRequiredGroups = array( "x"=>array("cn=wiki,ou=groups,dc=x.yz,dc=de"));
$wgLDAPLowerCaseUsername = array(
  'x' => true,
);

Maybe someone could help me translate the settings. Because just changing the DomainName from x.yz.de to x as it was in the old version doesn't fix it.

Hi, I'd like to share my experiences.

My config: Debian 10, mediawiki 1.33, newest ldapauth and ldap/AD.
I had a problems with connection to AD. After a week and a half of torment I solved it by add undocumented LdapAuth parameters to LocalSettings.php:

$wgLdapAuthUsernameField = [
'domain.local' => 'sAMAccountName',
];
$wgLdapAuthDisplayNameField = [
'domain.local' => 'displayName',
];

I also noticed that many of the known parameters require array type, it doesn't work as a string.

Best,
Marcin

When you try to log in the following error appears in the logs:

[authentication] Bound successfully.
[authentication] Login failed in primary authentication by Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider

The use of this username and password has been forbidden.

Getting the following trace:
`[38f4ffaec5dea7a5eb1c0904] /index.php?title=Special:UserLogin&returnto=Special:Version Error from line 388 of /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php: Class 'Symfony\Component\Ldap\Ldap' not found

Backtrace:

#0 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(110): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->connect(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#1 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(88): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryLdapAuthentication(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#2 /var/www/mediawiki/includes/auth/AuthManager.php(453): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryAuthentication(array)
#3 /var/www/mediawiki/includes/auth/AuthManager.php(383): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#4 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(353): MediaWiki\Auth\AuthManager->beginAuthentication(array, string)
#5 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#6 /var/www/mediawiki/includes/htmlform/HTMLForm.php(660): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#7 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()
#8 /var/www/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(316): AuthManagerSpecialPage->trySubmit()
#9 /var/www/mediawiki/includes/specialpage/SpecialPage.php(522): LoginSignupSpecialPage->execute(NULL)
#10 /var/www/mediawiki/includes/specialpage/SpecialPageFactory.php(568): SpecialPage->run(NULL)
#11 /var/www/mediawiki/includes/MediaWiki.php(288): SpecialPageFactory::executePath(Title, RequestContext)
#12 /var/www/mediawiki/includes/MediaWiki.php(861): MediaWiki->performRequest()
#13 /var/www/mediawiki/includes/MediaWiki.php(524): MediaWiki->main()
#14 /var/www/mediawiki/index.php(42): MediaWiki->run()
#15 {main}

composer install has been done:

mediawiki# ls -l extensions/LdapAuth/vendor/
total 60K
-rw-r--r-- 1 www-data root  178 Nov 22 15:52 autoload.php
drwxr-xr-x 2 www-data root 4096 Nov 22 15:49 bin
drwxr-xr-x 5 www-data root 4096 Nov 22 15:49 composer
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 felixfbecker
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 jakub-onderka
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 mediawiki
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 microsoft
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 netresearch
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 phan
drwxr-xr-x 5 www-data root 4096 Nov 22 15:49 phpdocumentor
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 psr
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 sabre
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 squizlabs
drwxr-xr-x 6 www-data root 4096 Nov 22 15:49 symfony
drwxr-xr-x 3 www-data root 4096 Nov 22 15:49 webmozart

/mediawiki# ls -l extensions/LdapAuth/vendor/symfony/
total 16K
drwxr-xr-x 19 www-data root 4096 Nov 22 15:49 console
drwxr-xr-x  5 www-data root 4096 Nov 22 15:49 ldap
drwxr-xr-x  5 www-data root 4096 Nov 22 15:49 options-resolver
drwxr-xr-x  3 www-data root 4096 Nov 22 15:49 polyfill-mbstring

Settings as follows:

mediawiki# grep LdapAuth LocalSettings.php
wfLoadExtension( 'LdapAuth' );
$wgLdapAuthDomainNames = 'DOMAIN';
$wgLdapAuthServers = 'SERVER';
$wgLdapAuthBindDN = 'CN=..';
$wgLdapAuthBindPass = '..';
$wgLdapAuthBaseDN = 'CN=Users,DC=DOMAIN';
$wgLdapAuthIsActiveDirectory = true;

PHP LDAP has been installed as well:

@wiki:/var/www/mediawiki# dpkg -l | grep php7.2 | awk '{ print $2 }'
libapache2-mod-php7.2
php7.2-cli
php7.2-common
php7.2-curl
php7.2-gd
php7.2-json
php7.2-ldap
php7.2-mbstring
php7.2-mysql
php7.2-opcache
php7.2-phpdbg
php7.2-readline
php7.2-xml

include hint that autocreateaccount might need to be set true

If you get error:

Auto-creation of a local account failed: Automatic account creation is not allowed.

you might want to set:

$wgGroupPermissions['*']['autocreateaccount'] = true;

I installed your Extension on Mediwiki 1.31.1 on a SLES 12 VM.
When I try to login with an ldap user it gives me "[66dc594e866a548ca6ed2083] 2018-11-16 HH:MM:SS: Fataler Ausnahmefehler des Typs „Error“ (Fatal Exception of Type Error)".
As I checked the debug file it says: [exception] [66dc594e866a548ca6ed2083] /index.php?title=Spezial:Anmelden&returnto=Hauptseite Error from line 388 of /srv/www/htdocs/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php: Class 'Symfony\Component\Ldap\Ldap' not found.
When I check the PrimaryAuthenticationProvider.php on line 388 it says:

$ldap = Ldap::create( 'ext_ldap', [ //this is 388
'host' => $server,
'encryption' => $encryption
] );

Would be great to get it running because the "offical" Extension on the MediaWiki Site don't work on MW 1.31.1.

Hi, I'm trying to use this extension with version 1.34 MediaWiki. But I'm facing this issue.

With this configuration pattern:

• $wgLdapAuthDomainNames = 'domain.local';
• $wgLdapAuthServers = 'server1.local';
• $wgLdapAuthBindDN = 'CN=WikiMedia,DC=domain,DC=local';
• $wgLdapAuthBindPass = 'passx';

With debug enabled I get errors about variable format:
[exception] [6f033baae0b3ac339b1b0450] /index.php?title=Especial:Autenticar-se&returnto=P%C3%A1gina+principal TypeError from line 39 of /var/www/mediawiki/includes/auth/PasswordDomainAuthenticationRequest.php: Argument 1 passed to MediaWiki\Auth\PasswordDomainAuthenticationRequest::__construct() must be of the type array, string given, called in /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php on line 62
#0 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(62): MediaWiki\Auth\PasswordDomainAuthenticationRequest->__construct(string)
#1 /var/www/mediawiki/includes/auth/AuthManager.php(2104): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->getAuthenticationRequests(string, array)
#2 /var/www/mediawiki/includes/auth/AuthManager.php(2082): MediaWiki\Auth\AuthManager->getAuthenticationRequestsInternal(string, array, array, User)
#3 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(256): MediaWiki\Auth\AuthManager->getAuthenticationRequests(string, User)
#4 /var/www/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(141): AuthManagerSpecialPage->loadAuth(NULL)
#5 /var/www/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(229): LoginSignupSpecialPage->load(NULL)
#6 /var/www/mediawiki/includes/specialpage/SpecialPage.php(571): LoginSignupSpecialPage->execute(NULL)
#7 /var/www/mediawiki/includes/specialpage/SpecialPageFactory.php(575): SpecialPage->run(NULL)
#8 /var/www/mediawiki/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#9 /var/www/mediawiki/includes/MediaWiki.php(865): MediaWiki->performRequest()
#10 /var/www/mediawiki/includes/MediaWiki.php(515): MediaWiki->main()
#11 /var/www/mediawiki/index.php(42): MediaWiki->run()
#12 {main}
Then I've changed config to this format:

• $wgLdapAuthDomainNames = array( 'domain');
• $wgLdapAuthServers = array( 'domain' => 'server1.local' );
• $wgLdapAuthBindDN = 'array( 'domain' => CN=WikiMedia,DC=domain,DC=local' );
• $wgLdapAuthBindPass = array( 'domain' => 'passx' );

[error] [2d8fa6079f4071a17de8030d] /index.php?title=Especial:Autenticar-se&returnto=P%C3%A1gina+principal ErrorException from line 385 of /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php: PHP Warning: Invalid argument supplied for foreach()
#0 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(385): MWExceptionHandler::handleError(integer, string, string, integer, array)
#1 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(110): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->connect(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#2 /var/www/mediawiki/extensions/LdapAuth/src/Auth/PrimaryAuthenticationProvider.php(88): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryLdapAuthentication(Shanept\LdapAuth\Auth\LdapAuthenticationRequest)
#3 /var/www/mediawiki/includes/auth/AuthManager.php(455): Shanept\LdapAuth\Auth\PrimaryAuthenticationProvider->beginPrimaryAuthentication(array)
#4 /var/www/mediawiki/includes/auth/AuthManager.php(385): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#5 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(353): MediaWiki\Auth\AuthManager->beginAuthentication(array, string)
#6 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#7 /var/www/mediawiki/includes/htmlform/HTMLForm.php(672): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#8 /var/www/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()
#9 /var/www/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(313): AuthManagerSpecialPage->trySubmit()
#10 /var/www/mediawiki/includes/specialpage/SpecialPage.php(571): LoginSignupSpecialPage->execute(NULL)
#11 /var/www/mediawiki/includes/specialpage/SpecialPageFactory.php(575): SpecialPage->run(NULL)
#12 /var/www/mediawiki/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#13 /var/www/mediawiki/includes/MediaWiki.php(865): MediaWiki->performRequest()
#14 /var/www/mediawiki/includes/MediaWiki.php(515): MediaWiki->main()
#15 /var/www/mediawiki/index.php(42): MediaWiki->run()
#16 {main}

It's like the server list is wrong in some way.
We use Nginx and PHP 7.2 FPM
I will try to collect more information about this error.
Thank you

Hi,
Please advise how the extension can be debugged.
I have mw-1.31.1 which was updated from 1.24 and LdapAuthentication extension to the latest available LdapAuth extension code.
Here is configuration from LocalSettings.php:

wfLoadExtension( 'LdapAuth' );
$wgLdapAuthDomainNames = 'example.org';
$wgLdapAuthServers = '192.168.1.1;
$wgLdapAuthBindDN = 'cn=wikiuser,ou=Users,dc=example,dc=org';
$wgLdapAuthBindPass = 'Passw0rd';
$wgLdapAuthBaseDN = 'dc=example,dc=org';

I can catch a REMOTE_USER variable, it looks like [email protected].
For some reason LdapAuth behaves like it is not configured (when all basic parameters set to false) - mw doesn't provide access like it was with previous extension, I see no errors in apache logs or any activity related to ldap in mediawiki debug log. Also there is no traffic to ldap server (sniffed with tcpdump).