I'm setting up Silverstripe to use as our Department's website and intranet. I need to get auth-external working with auto-add accounts, because I'm damned if I want to add a gazillion new students to the database every year so they can log on to the intranet. I've got the authentication working for existing accounts, but when I get someone to try to log on using just the LDAP it doesn't work. The relevant bit of the log (with the actual username replaced by me with [user]) says:
"Tue, 04 May 10 12:55:59 +1200 - [user].ldap - LDAP Authentication success
Tue, 04 May 10 12:55:59 +1200 - [user] - authentication success
Tue, 04 May 10 12:55:59 +1200 - [user] - User did not exist but did authenticate. Adding user to database
Tue, 04 May 10 12:55:59 +1200 - [user] - The group to add the user to did not exist
Tue, 04 May 10 12:55:59 +1200 - Process for user [user] ended"

I found something in the archives of this forum which recommended replacing "Group.Title" with "Group.Code" in the appropriate part of ExternalAuthenticator.php and did that, but the same error happened.

I should add that the group does indeed exist, and I've tried it with a couple of different names just in case one was reserved or something.

Can anyone help?

v0.3.1 for the module, 2.3.7 for Silverstripe. I do have a line like that now, before it was missing the 'ldap', bit, but it still does the same thing. It's a bit of a team effort, this. The guy who runs the ldap server modified the config file for me.

the config file is attached

Have done that and it works. Thanks a lot.

However, although the log says it's adding the user to the database, when I go to look at what's been added it's surname: unknown, firstname: unknown, email: root@localhost. Is that what's supposed to happen?

All fixed. It had to do with some funny mapping thing in the LDAP. Something to do with how OS X does things as opposed to how traditional unix does them.