JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Moderators: pe7er, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Mon Jul 23, 2012 12:26 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hi. I have the LDAP authentication working, but I cannot get the SSO to work.
Current setup is Joomla 2.5.6 running on Windows Server 2008 (x64) - on Apache 2.4.
Every time I try to enable mod_auth_sspi in httpd.conf, Apache wont start. Is there any other way to get SSo working without mod_auth_sspi? I can't seem to confirm whether or not it will even run in the config that I have described above.....
Thanks.
Current setup is Joomla 2.5.6 running on Windows Server 2008 (x64) - on Apache 2.4.
Every time I try to enable mod_auth_sspi in httpd.conf, Apache wont start. Is there any other way to get SSo working without mod_auth_sspi? I can't seem to confirm whether or not it will even run in the config that I have described above.....
Thanks.
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Apologies for the delay - have been away.
@bancil31
You will need to email/PM me over your debug table (or just the groups row) to work out whats happening (make sure you remove any confidential information before sending). I can only think that your groups aren't valid DNs.
@avi_davidowitz
I can only think of the alternative mod_auth_ldap library.
@bancil31
You will need to email/PM me over your debug table (or just the groups row) to work out whats happening (make sure you remove any confidential information before sending). I can only think that your groups aren't valid DNs.
@avi_davidowitz
I can only think of the alternative mod_auth_ldap library.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Fledgling
- Posts: 1
- Joined: Mon Jul 30, 2012 10:15 am
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hello,
At the moment we have an issue with the JMapMyLDAP plugin. Login works good but the mapping doesn't. Hope so that someone can help me with this problem. I've tried to download the latest version, but that was not the solution. I've made an mapping to put the domain admins into the 7 group but it becomes always to the registered group.
Much thanks for the answer
At the moment we have an issue with the JMapMyLDAP plugin. Login works good but the mapping doesn't. Hope so that someone can help me with this problem. I've tried to download the latest version, but that was not the solution. I've made an mapping to put the domain admins into the 7 group but it becomes always to the registered group.
Much thanks for the answer
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
@Purejet
I'm not sure if you're the same person that has emailed me...
What LDAP vendor are you using ?
Does the values of your LDAP group attribute look like "cn=group1,ou=mine,dc=domain" or "group1" (you can check this using the PHP LDAP debug tool) ?
What are your plug-in parameters ?
I'm not sure if you're the same person that has emailed me...
What LDAP vendor are you using ?
Does the values of your LDAP group attribute look like "cn=group1,ou=mine,dc=domain" or "group1" (you can check this using the PHP LDAP debug tool) ?
What are your plug-in parameters ?
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Fledgling
- Posts: 3
- Joined: Tue Jun 26, 2012 3:32 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
What a great plugin! The functionality/flexibility has allowed us to do so much more with our site. I'm using jmap and group mapping and had no problems getting it up and running and mapping AD users to their joomla groups.
I do have a question about email addresses and mapping. I've got around 2500 users, and not all of them have an email attribute in AD. I saw using [username]@domain.com to create the generic email which will sync up in joomla ('cause i have it set to in the User Jmap..), but that then stops them from receiving email notifications (as our usernames are not part of actual email addresses).
Is there a way to write and "if" statement (i.e., use the mail attribute if one exists or if not, use generic) in the map e-mail field?
I do have a question about email addresses and mapping. I've got around 2500 users, and not all of them have an email attribute in AD. I saw using [username]@domain.com to create the generic email which will sync up in joomla ('cause i have it set to in the User Jmap..), but that then stops them from receiving email notifications (as our usernames are not part of actual email addresses).
Is there a way to write and "if" statement (i.e., use the mail attribute if one exists or if not, use generic) in the map e-mail field?
-
- Joomla! Fledgling
- Posts: 1
- Joined: Mon Aug 20, 2012 8:32 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I recently had the JMapMyLDAP extension setup on a development server for a business Intranet and it worked perfectly. We just wanted the ability to have AD users login to the site without having to go through a complete registration process.
However, once development was complete - we moved the site to an external host and now JMapMyLDAP cannot connect to the AD server and we have A records pointing to our external IP correctly.
Can't determine what needs to change to get this back up and running. The Base DN shouldn't change if users are authenticating from the internet as opposed to the intranet, should it?
However, once development was complete - we moved the site to an external host and now JMapMyLDAP cannot connect to the AD server and we have A records pointing to our external IP correctly.
Can't determine what needs to change to get this back up and running. The Base DN shouldn't change if users are authenticating from the internet as opposed to the intranet, should it?
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
@jbdjbd
That would require some custom code. I reckon the best way to do this would be to put the attribute key into the "map email" field, then check if the returning email value is empty. If is empty then use a fake email instead.
Assuming you're using V1 then you could modify /plugins/authentication/jmapmyldap/jmapmyldap.php and find:
then use something like instead:
@rsogo
Communicated via email. It appears to be a port forwarding issue.
Using a tool like nmap can discover whether appropriate ports are open and/or reachable.
That would require some custom code. I reckon the best way to do this would be to put the attribute key into the "map email" field, then check if the returning email value is empty. If is empty then use a fake email instead.
Assuming you're using V1 then you could modify /plugins/authentication/jmapmyldap/jmapmyldap.php and find:
Code: Select all
if(isset($details[$ldap->ldap_email][0]))
$response->email = $details[$ldap->ldap_email][0];
Code: Select all
if(empty($details[$ldap->ldap_email][0]))
{
$response->email = $response->username . '@example.com';
}
else
{
$response->email = $details[$ldap->ldap_email][0];
}
@rsogo
Communicated via email. It appears to be a port forwarding issue.
Using a tool like nmap can discover whether appropriate ports are open and/or reachable.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Fledgling
- Posts: 3
- Joined: Tue Jun 26, 2012 3:32 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
@ShMaunder
That did the trick! Thank you so much for you help.
That did the trick! Thank you so much for you help.
-
- Joomla! Apprentice
- Posts: 8
- Joined: Thu Feb 09, 2012 6:28 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Everything seems to be perfect except one thing. Every new user is auto-registered to the Registered group and I want them to register to a custom group I created.
I am NOT using group mapping. Here are my current User-JMapMyLDAP settings:
BASIC
Authentication Plugin = jmapmyldap
Auto Register = Override - Yes
Sync Name = Y
Sync Email = N
GROUP
All defaults except Public Group = 9 (the id of my custom group)
Obviously, setting the Public Group didn't do anything - I suspect because I'm not using group mapping.
Following along in this topic and your replies, I've also made the following changes in \libraries\shmanic\jmapmyldap.php :
Changed line 88 to
Changed line 494 to
Changed line 979 to
Do I have to use group mappings to be able to control which group people are auto-registered to? What do I need to do?
Thanks in advance - Robin
I am NOT using group mapping. Here are my current User-JMapMyLDAP settings:
BASIC
Authentication Plugin = jmapmyldap
Auto Register = Override - Yes
Sync Name = Y
Sync Email = N
GROUP
All defaults except Public Group = 9 (the id of my custom group)
Obviously, setting the Public Group didn't do anything - I suspect because I'm not using group mapping.
Following along in this topic and your replies, I've also made the following changes in \libraries\shmanic\jmapmyldap.php :
Changed line 88 to
Code: Select all
protected $group_map_public = 9;
Code: Select all
self::addUserToGroup($joomlaUser, 9);
Code: Select all
$defaultUserGroup = $config->get('new_usertype', 9);
Thanks in advance - Robin
-
- Joomla! Fledgling
- Posts: 3
- Joined: Wed Jul 18, 2012 8:55 am
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hello everybody,
I'm back !
Have you spent good holidays ?
Did you think about my issue this summer ? ;-)
I'm back !
Have you spent good holidays ?
Did you think about my issue this summer ? ;-)
- GJSchaller
- Joomla! Enthusiast
- Posts: 162
- Joined: Wed Aug 24, 2005 2:57 pm
- Location: White Plains, NY
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hello! Two questions for you...
1) I'm sure everyone is asking this, about every extension - will this be updated for Joomla 3.X compatibility?
2) Is there any chance of combining this with, or implementing, a SAML solution?
Thank you!
1) I'm sure everyone is asking this, about every extension - will this be updated for Joomla 3.X compatibility?
2) Is there any chance of combining this with, or implementing, a SAML solution?
Thank you!
-
- Joomla! Apprentice
- Posts: 8
- Joined: Thu Feb 09, 2012 6:28 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I have this implemented and working great... as long as the user is on the same domain. The problem is that our organization implements several domains and I need to give everyone the ability to get to this site. Any thoughts or advice?
-
- Joomla! Intern
- Posts: 61
- Joined: Thu Jan 08, 2009 2:39 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I've installed this and when I try to login I get this error:
Username and password do not match or you do not have an account yet.
You do not have access to the administrator section of this site.
this tells me that it is hitting the LDAP server.
I know my login is correct.
What can I look at to troubleshoot this?
Username and password do not match or you do not have an account yet.
You do not have access to the administrator section of this site.
this tells me that it is hitting the LDAP server.
I know my login is correct.
What can I look at to troubleshoot this?
-
- Joomla! Intern
- Posts: 54
- Joined: Sat Nov 25, 2006 10:36 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Is there an ETA on version 2 as of yet?
In the previous threads, you mentioned that version 2 should be able to create LDAP users, as well as syncing the user database with LDAP. This is the issue I am trying to solve.
JAuthTools did this for J1.5 however..... I don't believe JAuthTools is supported in J2.5 or J3, so there is definately a need for an extension that can do this.
In the previous threads, you mentioned that version 2 should be able to create LDAP users, as well as syncing the user database with LDAP. This is the issue I am trying to solve.
JAuthTools did this for J1.5 however..... I don't believe JAuthTools is supported in J2.5 or J3, so there is definately a need for an extension that can do this.
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Apologies for not being active here again. If you add a post here then please email me as well.
Multiple domains can be hacked on using this post http://forum.joomla.org/viewtopic.php?f ... 0#p2727858 - will be a native feature one day.
@drammar - I'm still committing stuff to version 2's repos but its quite slow work at the moment. So no ETA of version 2. I have a few days free where I'll get some more stuff written and committed.
Multiple domains can be hacked on using this post http://forum.joomla.org/viewtopic.php?f ... 0#p2727858 - will be a native feature one day.
@drammar - I'm still committing stuff to version 2's repos but its quite slow work at the moment. So no ETA of version 2. I have a few days free where I'll get some more stuff written and committed.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Fledgling
- Posts: 2
- Joined: Wed Jan 23, 2013 5:19 am
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
G'day,
I just found your plugin in on JED and would like to know if I can use it do what I need.
I run a community based website that has a large number of school based audiences. I want to be be able to set up a membership subscription service for the schools so I can offer schools memberships and any one of their students or teachers can login via a LDAP connection. So, put simply, I need to be able to provide multiple LDAP connections to my site. Is this possible?
I'm currently running J2.5, jomsocial, and payplans as the backbone of the site.
Cheers
Andrew
I just found your plugin in on JED and would like to know if I can use it do what I need.
I run a community based website that has a large number of school based audiences. I want to be be able to set up a membership subscription service for the schools so I can offer schools memberships and any one of their students or teachers can login via a LDAP connection. So, put simply, I need to be able to provide multiple LDAP connections to my site. Is this possible?
I'm currently running J2.5, jomsocial, and payplans as the backbone of the site.
Cheers
Andrew
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
@andacod
Running multiple LDAP instances is only possible in the yet to be released version 2. The code is there, but there is no components to administer/configure it. So if this system you need is a few months off then you should be OK, but if you need it now I suggest you pick up what I've done so far and create a component for it.
I can't get my hands on Jomsocial due to licensing so I can't comment on that - though if it uses the Joomla user authentication sequence & databases, then it should work. After I release V2 I will look at getting my hands on Jomsocial.
Running multiple LDAP instances is only possible in the yet to be released version 2. The code is there, but there is no components to administer/configure it. So if this system you need is a few months off then you should be OK, but if you need it now I suggest you pick up what I've done so far and create a component for it.
I can't get my hands on Jomsocial due to licensing so I can't comment on that - though if it uses the Joomla user authentication sequence & databases, then it should work. After I release V2 I will look at getting my hands on Jomsocial.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Apprentice
- Posts: 21
- Joined: Fri Feb 04, 2011 5:44 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I am having trouble configuring JMapMyLDAP to allow authentication.
Here is an LDAP entry from my FreeIPA server:
If someone could advise me on the proper setup to allow this to authenticate I would be greatly appreciative.
Currently I have this for connect user: uid=admin,cn=users,cn=accounts,dc=myhhca,dc=com
and the Connect password it the appropriate admin password.
Server IP and ports are correct.
Use search is on
Base DN: cn=users,cn=accounts,dc=myhhca,dc=com
Uer DN Filter: uid=[username]
Map User ID: uid
Map Full Name: cn
Map Email: mail
If anyone can help please let me know.
Here is an LDAP entry from my FreeIPA server:
Code: Select all
[root@auth ~]# ldapsearch -Y GSSAPI -b "dc=MYHHCA,dc=COM" uid=bmcwhirt
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=MYHHCA,dc=COM> with scope subtree
# filter: uid=bmcwhirt
# requesting: ALL
#
# bmcwhirt, users, compat, myhhca.com
dn: uid=bmcwhirt,cn=users,cn=compat,dc=myhhca,dc=com
objectClass: posixAccount
objectClass: top
gecos: Bryan McWhirt
cn: Bryan McWhirt
uidNumber: 154200001
gidNumber: 154300000
loginShell: /bin/sh
homeDirectory: /home/bmcwhirt
uid: bmcwhirt
# bmcwhirt, users, accounts, myhhca.com
dn: uid=bmcwhirt,cn=users,cn=accounts,dc=myhhca,dc=com
displayName: Bryan McWhirt
cn: Bryan McWhirt
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetorgperson
objectClass: inetuser
objectClass: posixaccount
objectClass: krbprincipalaux
objectClass: krbticketpolicyaux
objectClass: ipaobject
objectClass: ipasshuser
objectClass: ipaSshGroupOfPubKeys
objectClass: mepOriginEntry
loginShell: /bin/sh
sn: McWhirt
gecos: Bryan McWhirt
homeDirectory: /home/bmcwhirt
krbPwdPolicyReference: cn=global_policy,cn=MYHHCA.COM,cn=kerberos,dc=myhhca,dc
=com
mail: [email protected]
krbPrincipalName: [email protected]
givenName: Bryan
uid: bmcwhirt
initials: BM
ipaUniqueID: 2d330e8a-6c39-11e2-9c6c-0002a5517755
uidNumber: 154200001
gidNumber: 154300000
krbPasswordExpiration: 20130201063239Z
krbLastPwdChange: 20130201063239Z
krbExtraData::
mepManagedEntry: cn=bmcwhirt,cn=groups,cn=accounts,dc=myhhca,dc=com
memberOf: cn=ipausers,cn=groups,cn=accounts,dc=myhhca,dc=com
mobile: 5551212
postalCode: 10000
street: 123 some street
l: City
st: State
facsimileTelephoneNumber: 1112220000
telephoneNumber: 1015551212
title: Director of IT
ou: myhhca
krbLoginFailedCount: 0
krbLastSuccessfulAuth: 20130204213611Z
# search result
search: 4
result: 0 Success
# numResponses: 3
# numEntries: 2
[root@auth ~]#
Currently I have this for connect user: uid=admin,cn=users,cn=accounts,dc=myhhca,dc=com
and the Connect password it the appropriate admin password.
Server IP and ports are correct.
Use search is on
Base DN: cn=users,cn=accounts,dc=myhhca,dc=com
Uer DN Filter: uid=[username]
Map User ID: uid
Map Full Name: cn
Map Email: mail
If anyone can help please let me know.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Feb 07, 2013 9:21 am
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hi,
First of all : thanks a lot for this great plugin !
I configure it with an openldap server, using authentification plugin and group mapping plugin and it works like a charm.
I have some question about improvement/capabilities : is it possible to configure the plugin to sync password and other things between joomla profile fields and the ldap ? (e.g. the user go to his profile, change password and for exemple email, and it will be sync between joomla base and ldap)
I find the profile plugin, but it can't be download ("File type not allowed" error), I don't know if it can help me ...
Thanks a lot for your feedback.
Regards,
Mike.
First of all : thanks a lot for this great plugin !
I configure it with an openldap server, using authentification plugin and group mapping plugin and it works like a charm.
I have some question about improvement/capabilities : is it possible to configure the plugin to sync password and other things between joomla profile fields and the ldap ? (e.g. the user go to his profile, change password and for exemple email, and it will be sync between joomla base and ldap)
I find the profile plugin, but it can't be download ("File type not allowed" error), I don't know if it can help me ...
Thanks a lot for your feedback.
Regards,
Mike.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Tue Mar 12, 2013 7:34 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Found this github link, not sure if this is the right file.
https://github.com/ShMaunder/JMapMyLDAP ... ap/profile
Can somebody confirm?
BT
https://github.com/ShMaunder/JMapMyLDAP ... ap/profile
Can somebody confirm?
BT
-
- Joomla! Fledgling
- Posts: 2
- Joined: Thu Mar 14, 2013 12:04 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I have LDAP authentication working fine but just can't seem to get SSO to work.
My PHP error log reports the following line every time i open a page:
2013-03-14 12:22:50 INFO 10.19.16.18 SSO Fail: SSO: Failed to import SSO plugins.
The SSO-HTTP and System-JSSOMySite plugins are enabled. I just don't seem to be getting anywhere with this, has anyone else seen this problem?
My PHP error log reports the following line every time i open a page:
2013-03-14 12:22:50 INFO 10.19.16.18 SSO Fail: SSO: Failed to import SSO plugins.
The SSO-HTTP and System-JSSOMySite plugins are enabled. I just don't seem to be getting anywhere with this, has anyone else seen this problem?
-
- Joomla! Apprentice
- Posts: 8
- Joined: Thu Aug 13, 2009 4:16 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
hello. where do u suggest me to investigate if my JMapmyldap works perfectly but i cannot make the SSO work? something missing in apache configuration or the SSO_HTML plug not configured properly? how can i get the proper values of the _SERVER array?
-
- Joomla! Fledgling
- Posts: 1
- Joined: Tue Apr 16, 2013 2:48 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Good day, I have a little trouble:
I need to modify your plugin. I mean, I need to add a new attribute to mapping a LDAP account. Is that possible? (ex: an internal code different to email).
Thanks for answering.
I need to modify your plugin. I mean, I need to add a new attribute to mapping a LDAP account. Is that possible? (ex: an internal code different to email).
Thanks for answering.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Wed Dec 06, 2006 10:06 pm
- Location: United Kingdom
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I’ve come across your Joomla module to authenticate ldap users and groups.
I’m unfortunately having difficulties with it. (Including the testing tool)
It seems Joomla’s own LDAP authentication module works, but jmapmyldap doesn’t. Which suggests it’s not the settings. I have a sneaking suspicion that it may be to do with either the version of php (5.4) or that the Active Directory structure that I’m using requires recursive searching. Which can be switched on with the Joomla extension, but not your modules’ components.
The PHP LDAP debug also binds ok, but doesn’t find any users either.
The only other thing of note is that I’m using Joomla 3.0.3 which although should in theory work. Your Debug tool fails so I don’t believe Joomla is at fault here.
Is there a recursion switch lurking somewhere or perhaps missing?
Regards
I’m unfortunately having difficulties with it. (Including the testing tool)
It seems Joomla’s own LDAP authentication module works, but jmapmyldap doesn’t. Which suggests it’s not the settings. I have a sneaking suspicion that it may be to do with either the version of php (5.4) or that the Active Directory structure that I’m using requires recursive searching. Which can be switched on with the Joomla extension, but not your modules’ components.
The PHP LDAP debug also binds ok, but doesn’t find any users either.
Code: Select all
:: PHP LDAP Debug V1.06 Script Started ::
Attempting to bind to LDAP server using connect username and password...
LDAP bind successful.
Attempting to use search to find user...
Failed: cannot find the authenticating user.
:: PHP LDAP Debug V1.06 Script Finished ::
Is there a recursion switch lurking somewhere or perhaps missing?
Regards
-
- Joomla! Fledgling
- Posts: 2
- Joined: Wed Dec 06, 2006 10:06 pm
- Location: United Kingdom
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
As is almost always the case when I post something on forums.... I solve it shortly afterwards
Resolved the search issue (and then I found the solution on the website )
Joomla ldap module uses: sAMAccountName=[search]
Were as your module uses: (sAMAccountName=[username])
Search of course has to be on.
Resolved the search issue (and then I found the solution on the website )
Joomla ldap module uses: sAMAccountName=[search]
Were as your module uses: (sAMAccountName=[username])
Search of course has to be on.
-
- Joomla! Explorer
- Posts: 486
- Joined: Mon Jul 05, 2010 7:22 pm
- Location: UK
- Contact:
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Once again apologise for the delay in responses, I've been very busy with version 2 which will hopefully resolve a lot of issues being reported here and on email including that missing download link.
Version 2 Beta 1 will be published late on May 12th. It will initially have a lack of documentation as I try to update the project site to accommodate the new version. It will also be missing key parts of the component meaning the configuration will need direct editing either through SQL or using the new temporary LDAP debug tool.
Features include: Group Mapping, Profile support, User creation, User deletion, Password changing and Support for multiple LDAP servers.
Version 2 Beta 1 will be published late on May 12th. It will initially have a lack of documentation as I try to update the project site to accommodate the new version. It will also be missing key parts of the component meaning the configuration will need direct editing either through SQL or using the new temporary LDAP debug tool.
Features include: Group Mapping, Profile support, User creation, User deletion, Password changing and Support for multiple LDAP servers.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/
-
- Joomla! Fledgling
- Posts: 3
- Joined: Tue Jun 26, 2012 3:32 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Instead of just using displayName, is it possible to combine attributes in AD for this field? In our AD, displayName is backwards (Last First). I'd like to try to combine two different fields so it will display First Last.
-
- Joomla! Fledgling
- Posts: 3
- Joined: Wed Jul 10, 2013 9:01 am
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Hello everybody,
I've installed Joomla 3.1 on a Windows 8 x64 VM. Joomla is running on Apache 2.2.2.
I've managed to configure LDAP requests successful, but I'm stucked with SSO.
Unfortunately REMOTE_USER or AUTH_USER are not shown in php information, so I've started to google and finally came to the mod_auth_sspi.so apache extension, which I've added to the webserver. Since then Apache doesn't start showing useless error messages. I don't have any idea what to do anymore.. Of course I can uncomment these lines and everythink works fine again... but I want to enable SSO for our Intranet webpage. I've also read the guides for NTLM and Kerberos but none of them worked for me. Honestly I'm quite new to this as well!
Screenshot for SSO HTTP and SSOMYSITE are attached
Added to httpd.conf
<IfModule !mod_auth_sspi.c>
LoadModule sspi_auth_module modules/mod_auth_sspi.so
</IfModule>
<IfModule mod_auth_sspi.c>
<Location "C:\xampp\htdocs\">
#AuthName "A Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
# SSPIBasicPreferred
# SSPIUsernameCase lower
require valid-user
</Location>
</IfModule>
Thanks in advance
I've installed Joomla 3.1 on a Windows 8 x64 VM. Joomla is running on Apache 2.2.2.
I've managed to configure LDAP requests successful, but I'm stucked with SSO.
Unfortunately REMOTE_USER or AUTH_USER are not shown in php information, so I've started to google and finally came to the mod_auth_sspi.so apache extension, which I've added to the webserver. Since then Apache doesn't start showing useless error messages. I don't have any idea what to do anymore.. Of course I can uncomment these lines and everythink works fine again... but I want to enable SSO for our Intranet webpage. I've also read the guides for NTLM and Kerberos but none of them worked for me. Honestly I'm quite new to this as well!
Screenshot for SSO HTTP and SSOMYSITE are attached
Added to httpd.conf
<IfModule !mod_auth_sspi.c>
LoadModule sspi_auth_module modules/mod_auth_sspi.so
</IfModule>
<IfModule mod_auth_sspi.c>
<Location "C:\xampp\htdocs\">
#AuthName "A Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
# SSPIBasicPreferred
# SSPIUsernameCase lower
require valid-user
</Location>
</IfModule>
Thanks in advance
You do not have the required permissions to view the files attached to this post.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Oct 12, 2006 4:23 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
Did anyone have any luck on the instruction on: http://forum.joomla.org/viewtopic.php?f ... 0#p2727858 ?
We want to authenticate both OpenLDAP and AD, with different group mappings...
I tried the instruction and re-packaged plg_authentication_jmapmyldap.zip, but I'm not seeing another instance of Authentication - JMapMyLDAP
We want to authenticate both OpenLDAP and AD, with different group mappings...
I tried the instruction and re-packaged plg_authentication_jmapmyldap.zip, but I'm not seeing another instance of Authentication - JMapMyLDAP
-
- Joomla! Fledgling
- Posts: 4
- Joined: Fri Jul 19, 2013 1:11 pm
Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7
I'm trying to use your Joomla extension but i have this error message: ERROR jmapmyldapfail JLDAP2: No user dn/filter parameter.
I'm using Joomla 3, and your last plugin version. And trying to use Joomla Autenthication Plugin with Users JMapMyLDAP.
Using native joomla authentication plugin with native user login plugin it works, but I want to set the group from users.
My configuration is this one:
Authentication LDAP:
Server: 10.27.4.36
Port 389
DN Base: DC=senaces,DC=com,DC=br
Search charters: userPrincipalName=[search]@senaces.com.br
DN User: [username]@senaces.com.br
Map User: displayName
Map Email: userPrincipalName
Map UserID: sAMAccountName
User - JMapMyLDAP
Authentication plugin: ldap
Auto Register: Override yes
Sync Name, Sync Email: yes
Use Group Mapping: yes
Allow Additions: yes
Allow Removals: Yes & Default Managed
Unmanaged Groups: 1;2;8
Public Group; 1
Mapping List: cn=Grupos DR, ou=Nti, o=senaces : 7
Lookup Type: Forward
Lookup Attribute: memberOf
Lookup Member: dn
Use Recursion: No
DN Attribute: distinguishedName
Max Depth; 0
Using the Authentication - JMapMyLDAP, it doesn't works, the configuration is:
LDAP V3: Yes
Start TLS; No
Follow Referrals: No
Connection
Host: 10.27.4.36
Port: 389
Credentials
Connect User: [email protected]
Connect Password: ...
Binding
Use Search: Yes
Base DN: DC=senaces,DC=com,DC=br
User DN / Filter: (sAMAccountName=[username])
Mapping Attributes
Map User ID: sAMAccountName
Map Full Name: displayName
Map Email: userPrincipalName
Can you help me?!
I'm using Joomla 3, and your last plugin version. And trying to use Joomla Autenthication Plugin with Users JMapMyLDAP.
Using native joomla authentication plugin with native user login plugin it works, but I want to set the group from users.
My configuration is this one:
Authentication LDAP:
Server: 10.27.4.36
Port 389
DN Base: DC=senaces,DC=com,DC=br
Search charters: userPrincipalName=[search]@senaces.com.br
DN User: [username]@senaces.com.br
Map User: displayName
Map Email: userPrincipalName
Map UserID: sAMAccountName
User - JMapMyLDAP
Authentication plugin: ldap
Auto Register: Override yes
Sync Name, Sync Email: yes
Use Group Mapping: yes
Allow Additions: yes
Allow Removals: Yes & Default Managed
Unmanaged Groups: 1;2;8
Public Group; 1
Mapping List: cn=Grupos DR, ou=Nti, o=senaces : 7
Lookup Type: Forward
Lookup Attribute: memberOf
Lookup Member: dn
Use Recursion: No
DN Attribute: distinguishedName
Max Depth; 0
Using the Authentication - JMapMyLDAP, it doesn't works, the configuration is:
LDAP V3: Yes
Start TLS; No
Follow Referrals: No
Connection
Host: 10.27.4.36
Port: 389
Credentials
Connect User: [email protected]
Connect Password: ...
Binding
Use Search: Yes
Base DN: DC=senaces,DC=com,DC=br
User DN / Filter: (sAMAccountName=[username])
Mapping Attributes
Map User ID: sAMAccountName
Map Full Name: displayName
Map Email: userPrincipalName
Can you help me?!