Open GoogleCodeExporter opened 8 years ago
I'm using a release from earlier this year at home (version 2.1.5, git commit
#65f316708fbc19d225a8e10ffeace3afca31c3c5) and had to hack up main.queries.php
to get it to talk to Openldap. I can't seem to use the current master version
or the most recently modified 2.1.8 version as neither seem to correctly
initialize the mysql database tables (database created, user grants,
install.php bombs on step #4).
This is the 1 line fast hack I did to get it working with the older commit:
if ($adldap -> authenticate($username,$password_clear)){
if ($adldap -> authenticate("uid=$username,",$password_clear)){
Then in the web ui set...
LDAP account suffix for your domain: ou=People,dc=domain,dc=com
LDAP base dn for your domain: dc=domain,dc=com
LDAP array of domain controllers: localhost
I had TLS/SSL disabled for this particular test, but they should be usable if
your ldap.conf is setup correctly.
Original comment by technoe...@gmail.com
on 26 Jul 2012 at 5:01
To login using UID, I have add a search before in the bind.
In the file includes/libraries/adLDAP/adLDAP.php in the authenticate function
add:
//Search the user
$this->_filter = "(|(uid=" . $username . "))";
$this->_result =
@ldap_search($this->_conn,$this->_account_suffix,$this->_filter) or die
("Search error.");
$this->_entries = @ldap_get_entries($this->_conn, $this->_result);
$this->_binddn = $this->_entries[0]["dn"];
// Bind as the user
$this->_bind = @ldap_bind($this->_conn,$this->_binddn,$password);
After that in the web interface:
LDAP account suffix for your domain: ou=people,dc=domain,dc=com
LDAP base dn for your domain: dc=domain,dc=com
LDAP array of domain controllers: IP_to_LDAPSERVER
NOTE: You can change the filter to allow as well mail authentication, for
example: $filter = "(|(uid=" . $username . ")" . "(mail=" . $username ."@\*))";
Original comment by josedes...@gmail.com
on 23 Oct 2012 at 9:19
For Version 1.0 Try try the following:
//OpenLDAP?
- if($this->openLDAP == true) { $this->ldapBind =
@ldap_bind($this->ldapConnection, "uid=".$username . $this->accountSuffix,
$password); }
+ if($this->openLDAP == true) {
+ //$this->ldapBind = @ldap_bind($this->ldapConnection, "uid=".$username .
$this->accountSuffix, $password);
+
+ // By A. Koros: Commented out the above line and added section below to
allow uid search
+
////////////////////////////////////////////////////////////////////////////////
////////
+
+ // Atempt to bind anonymously first
+ $this->ldapBind = @ldap_bind($this->ldapConnection, NULL, NULL);
+
+ //Search the user's dn using the supplied username as the uid
+ $this->filter = "(&(objectClass=*)(uid=" . $username . "))";
+ $this->result =
@ldap_search($this->ldapConnection,$this->baseDn,$this->filter) or die ("Search
error.");
+
+ $this->entries = @ldap_get_entries($this->ldapConnection, $this->result);
+ $ldapBindDn = $this->entries[0]["dn"];
+ //echo $ldapBindDn;
+
+ // Bind as the user
+ $this->ldapBind = @ldap_bind($this->ldapConnection,$ldapBindDn,$password);
+
+ // End of Koros Additions
+ ///////////////////////////
+ }
else { $this->ldapBind = @ldap_bind($this->ldapConnection, $username . $this->accountSuffix, $password); }
if (!$this->ldapBind){
$ret = false;
}
Original comment by andko...@gmail.com
on 10 Jul 2014 at 9:01
Original issue reported on code.google.com by
bennywil...@googlemail.com
on 13 Jun 2012 at 6:40