Drupal Association members fund grants that make connections all over the world.
This is probably a configuration issue, but I can't find the solution online.
I recently upgraded to the 7.x-2.0-beta3 version from 7.x-1, and while existing LDAP users can login with their LDAP passwords, LDAP users who have never logged into Drupal cannot. It can't seem to create new users.
I'm using Active Directory
My settings in Tab #3. User are as follows
How to resolve LDAP conflicts with manually created Drupal accounts.
- Associate manually created Drupal accounts with related LDAP Account if one exists.
Drupal Account Provisioning Events
- Create or Synch to Drupal user on successful authentication with LDAP credentials. (Requires LDAP Authentication module).
- Create or Synch to Drupal user anytime a Drupal user account is created or updated. Requires a server with binding method of "Service Account Bind" or "Anonymous Bind".
Existing Drupal User Account Conflict *
- Associate Drupal account with the LDAP entry. This option is useful for creating accounts and assigning roles before an LDAP user authenticates.
Application of Drupal Account settings to LDAP Authenticated Users *
- Account creation policy at /admin/config/people/accounts/settings applies to both Drupal and LDAP Authenticated users. "Visitors" option automatically creates and account when they successfully LDAP authenticate. "Admin" and "Admin with approval" do not allow user to authenticate until the account is approved.
Action to perform on Drupal account that no longer have a corresponding LDAP entry
- Perform no action, but email list of orphaned accounts. (All the other options will send email summaries also.)
Number of users to check each cron run.
and I'm not using provisioning to LDAP Settings
When I turned on logging, I get
Failed ldap authentication. User may have authenticated successfully by other means in a mixed authentication site. LDAP Authentication Error #: 4 error message: User disallowed
The password is correct, and existing users can login with LDAP credentials.