JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

This forum is for general questions about extensions for Joomla! 2.5.

Moderators: pe7er, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
specterman
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Fri Mar 30, 2012 12:40 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by specterman » Wed May 09, 2012 5:24 pm

afrugone wrote:I Made two mistakes:

1.- First mistake was to omit brackets in (sAMAccountName=[username]), the brackets () must be included.
2.- Associate 'cn' parameter to and OU, but must groups:
I create two test groups testgroup and JoomlaAdmins, and assign mappings to these groups:
cn=testgroup,OU=Usuarios:9
cn=JoomlaAdmins,OU=Usuarios:7
'cn' are associated to groups.

For this test I used windows 2003 AD.

I don't try SSO, it requires configuration at user's computers, and for me this is more difficult to manage with about 200 users.

I' hope this help you.
afrugone,

thanks for sharing. It looks like I've done almost exactly what you've done. The only difference I see is that I'm using the distinguishedName for the mapping list. I've also tried what you did (just the cn and ou) with no success. Are you using MSSQL or MySQL for the backend? Could you share your parameters with me (scrubbed of course) from your jmapmyldap user plugin from the extensions table. I'm using MSSQL, and am curious if this is the problem.

Thanks!

RipperKhan
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed May 09, 2012 6:24 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by RipperKhan » Wed May 09, 2012 6:52 pm

Hi Shaun,

I have a IIS 7 server running on windows server 2008 R2 standard with joomla configured on ms sql2008.

This issue i am having is it seems that the user mapping is not happening in the database. I can authenticate just fine. And it seems the plugin is picking up the ldap groups for the user as it shows from the debug output.

I have not been able to find any errors related to this issue in any of my logs.

ldap: JMapMyEntry Object ( [rdn:protected] => Array ( [count] => 6 [0] => cn=john doe [1] => ou=support [2] => ou=users [3] => ou=company [4] => dc=domain [5] => dc=com ) [dn:protected] => CN=John Doe,OU=Support,OU=Users,OU=COMPANY,DC=DOMIAN,DC=com [valid] => 1 [groups:protected] => Array ( [0] => cn=webmaster,ou=emails,ou=company,dc=domain,dc=com [1] => cn=it admin,ou=support teams,ou=users,ou=company,dc=domain,dc=com [2] => cn=all,ou=users,ou=company,dc=domain,dc=com ) [_errors:protected] => Array ( ) [fullname] => Array ( [0] => John DOE ) [username] => Array ( [0] => jdoe ) [email] => Array ( [0] => [email protected] ) )

compared: Array ( [0] => JMapMyEntry Object ( [rdn:protected] => Array ( [count] => 6 [0] => cn=hr salary [1] => ou=groups [2] => ou=users [3] => ou=company [4] => dc=domain [5] => dc=com ) [dn:protected] => CN=HR Salary,OU=Groups,OU=Users,OU=COMPANY,DC=DOMIAN,DC=com [valid] => 1 [groups:protected] => Array ( [0] => 10 ) [_errors:protected] => Array ( ) ) )

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Thu May 10, 2012 12:11 am

Hi specterman

My current config is as follows, Joomla 2.54, running on on ubuntu 10.0.4, PHP 5.3.2, Apache/2.2.14 and Mysql 5.1.62:
Windows 2003 AD

User - JMapMyLDAP
Use Group Mapping Yes
Allow Additions Yes
Allow Removals Yes&Default Managed
Unmanaged Groups 1;2;8
Public Group 1
Mapping List (try following options)

cn=testgroup,OU=TcGlobal,OU=Usuarios:9
cn=JoomlaAdmins,OU=TcGlobal,OU=Usuarios:7

Lookup Type Forward
Lookup Attribute memberOf
Lookup Member dn
Use Recursion Yes
DN Attribute distinguishedName
Max Depth 0

I hope this could be useful for you

joom77
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri May 25, 2012 1:05 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by joom77 » Mon May 28, 2012 2:07 pm

Thanks for the plugin, have successfully connected to an ldap server. In the Mapping Attributes section of the configuration page I would like the value of Map Full Name to be giveName and sn concatenated. Could you let me know if this can be specified on the configuration page or the script changes required. Thanks

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Jun 01, 2012 5:49 pm

University finished at long last. I have all my time back.

I'm not sure what has been solved in here and what not. If anybody can repost if there problem is outstanding then I'll reply to it.

Going to get back to developing version 2, and will release a overdue maintenance release for version 1 in the coming week or so.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Fri Jun 01, 2012 6:21 pm

I just implemented a 650 user intranet with JMapMyLDAP doing the user provisioning, group mapping, authentication CB integration and SSO. All working great. The only thing I would ask for in another release is to get more AD fields mapped in to CB.

Thanks for these really excellent plugins.

joom77
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri May 25, 2012 1:05 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by joom77 » Sat Jun 02, 2012 11:00 am

Hi Shaun my recent query regarding concatenating two fields for Map Full Name is still something I need to be able to do. Thanks

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Sun Jun 03, 2012 2:21 pm

NickC4555 wrote:I just implemented a 650 user intranet with JMapMyLDAP doing the user provisioning, group mapping, authentication CB integration and SSO. All working great. The only thing I would ask for in another release is to get more AD fields mapped in to CB.

Thanks for these really excellent plugins.
Cool, I will look into this as a separate plug-in for V2.
joom77 wrote:Thanks for the plugin, have successfully connected to an ldap server. In the Mapping Attributes section of the configuration page I would like the value of Map Full Name to be giveName and sn concatenated. Could you let me know if this can be specified on the configuration page or the script changes required. Thanks
As it picks up single attributes then you will need to hack some code. I would suggest targetting the sync name/email method in /libraries/shmanic/jmapmyldap.php to something like (note - I haven't tested this):

FROM:

Code: Select all

	public function doSync(&$joomlaUser, $ldapUser) 
	{
		if($this->parameters->get('sync_name') && $ldapUser->get('fullname')) {
			$name = $ldapUser->get('fullname');
			if(isset($name[0])) if($name[0]!="") $joomlaUser->set('name', $name[0]);
		}
		if($this->parameters->get('sync_email') && $ldapUser->get('email')) {
			$email = $ldapUser->get('email');
			if(isset($email[0])) if($email[0]!="") $joomlaUser->set('email', $email[0]);
		}

		return true;
	}
TO:

Code: Select all

	public function doSync(&$joomlaUser, $ldapUser) 
	{
		if($this->parameters->get('sync_name') && $ldapUser->get('fullname')) {
			$name = JArrayHelper::getValue($ldapUser->get('fullname'), 0));
			$name .= JArrayHelper::getValue($ldapUser->get('cn'), 0));
			if($name) $joomlaUser->set('name', $name);
		}
		if($this->parameters->get('sync_email') && $ldapUser->get('email')) {
			$email = $ldapUser->get('email');
			if(isset($email[0])) if($email[0]!="") $joomlaUser->set('email', $email[0]);
		}

		return true;
	}
FROM:

Code: Select all

	public static function getAttributes($parameters) 
	{
		$return = array('lookupType','lookupKey','lookupMember','recurseDepth','dnAttribute','extras');
		$return = array_fill_keys($return, null); //lets get our result ready
		
		if($parameters->get('group_map_enabled', 0)) {
			$return['lookupKey'] 	= $parameters->get('lookup_attribute', 'groupMembership');
			$return['lookupType'] 	= $parameters->get('lookup_type', 'forward');
			$return['lookupMember'] = $parameters->get('lookup_member', 'dn');
			if($parameters->get('recursive', 0)) {
				$return['recurseDepth'] = $parameters->get('recursion_depth', 0);
				$return['dnAttribute'] 	= $parameters->get('dn_attribute');	
			}
		}
		
		return $return;
	}
TO:

Code: Select all

	public static function getAttributes($parameters) 
	{
		$return = array('lookupType','lookupKey','lookupMember','recurseDepth','dnAttribute','extras');
		$return = array_fill_keys($return, null); //lets get our result ready
		
		$return['extras'] = array('cn');

		if($parameters->get('group_map_enabled', 0)) {
			$return['lookupKey'] 	= $parameters->get('lookup_attribute', 'groupMembership');
			$return['lookupType'] 	= $parameters->get('lookup_type', 'forward');
			$return['lookupMember'] = $parameters->get('lookup_member', 'dn');
			if($parameters->get('recursive', 0)) {
				$return['recurseDepth'] = $parameters->get('recursion_depth', 0);
				$return['dnAttribute'] 	= $parameters->get('dn_attribute');	
			}
		}
		
		return $return;
	}
This version is such a bad design on my part that it makes this kind of thing very hard to modifiy. Can't wait until I've put it right(ish).
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

joom77
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri May 25, 2012 1:05 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by joom77 » Sun Jun 03, 2012 4:49 pm

Thanks very much Shaun will try it out when I get back from holiday. Cheers

mhabers
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Wed Jun 06, 2012 8:23 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mhabers » Wed Jun 06, 2012 8:30 am

Hi Shaun, I searched the forum but couldn't find an answer to my question:

Is there a way to get all users form the active directory? I'm building an intranet and the client wants a telephonebook. So I have to get name, departement and thelephonenumber from the AD...

Tx

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Thu Jun 07, 2012 5:47 am

@mhabers - Currently on demand sync doesn't exist. The last commit on version 2 brings profile support (so you can map department, telephone, etc.). If you want to take a look then shoot me an email, and I'll reply with the built packages for V2 (the forum here says its too big to attach). Alternatively, you can download the source and build the packages yourself from the Github repository https://github.com/ShMaunder/JMapMyLDAP [note I will be committing new stuff on there soon and will probably break a lot of things].


As for an update for version 2. I haven't implemented any new major features. However, I've reworked the entire Ldap client library which now makes use of consistent error handling & checking via custom Exceptions. Automatic unit testing has been partially implemented and most of the code now abides by the Joomla coding standard (Joomla's Sniff file). An autoloader and factory have been implemented. A big list of custom error IDs & descriptions which should make it easier to help with problems. Also starting a mini upgrade script for easy migration from 1 to 2. These things should make it easier and faster to implement new features (and the remaining features missing from version 2 like on demand sync).
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

mhabers
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Wed Jun 06, 2012 8:23 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mhabers » Fri Jun 08, 2012 12:37 pm

Hi Shaun,

First of all many tx for a great plugin with superb support.

I've allready build version 2 and installed it. I've now got an LDAP-profile plugin installed.
I'm not sure how to use it however.

Regards Marc

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Jun 08, 2012 12:58 pm

I normally send this in emails - I will add to the site at some point:

Future updates to version 2 till the final release will not be backward compatible - i.e. the configuration options will change and/or delete between each update till the final release. Therefore, do not update without prior testing in any live environment.

Use pkg_jmmldap_basics to install version 2's core. Then you can optionally install any of the following:

pkg_ldap_mapping - The group mapping plug-in.
pkg_ldap_profile - The profile plug-in.
plg_sso_http - To use HTTP SSO. Download from http://shmanic.com/media/file.php?proje ... o_http.zip as this is the same as version 1.

Error logging and SSO configuration can be found in Components->Ldap Admin->Options.

Documentation:
pkg_ldap_profile - http://shmanic.com/tools/jmapmyldap/doc ... plugin.htm
pkg_ldap_mapping - http://shmanic.com/tools/jmapmyldap/doc ... plugin.htm

SSO & Authentication - http://shmanic.com/tools/jmapmyldap/guide.htm

It is recommended to delete version 1 before installing version 2 or at least disable the "User - JMapMyLDAP" plug-in.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

mhabers
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Wed Jun 06, 2012 8:23 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mhabers » Fri Jun 08, 2012 1:38 pm

Hi Shaun,

I've done all this. My problem is that I want to know if and, if so, where users can edit their own proile. Is there a special view or something?

Marc

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Jun 08, 2012 1:49 pm

They should be able to change their own profile using Joomla's profile editor. This as long as "com_users.profile" is contained in the permitted forms.

Access from the front end using /?option=com_users&task=profile.edit&user_id=[Joomla's UID] or back end using 'Site->My Profile'. Front end should have a menu link to profile though.

Also, the user must be an LDAP user for it to display. This means it must authenticate against the LDAP server on logon.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

mhabers
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Wed Jun 06, 2012 8:23 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mhabers » Mon Jun 11, 2012 7:33 am

Hi Shaun,

Aha perfect, that's what i was looking for. I'll get modifying de plugin to create an adressbook.

Tx,

Marc

mhabers
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Wed Jun 06, 2012 8:23 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mhabers » Thu Jun 14, 2012 7:41 am

Hi Shaun,

I've installed, en activated the profile plugin. I've set it up with the default.xml for testing purposes but de edit section doesn't show the form as expected. [edit]In the screenshot it says profiel for profile name Corrected that but still won't work[/edit]

I've used the following parameters (see attachment)
and the edit profile screen as it comes out.

What am i doing wrong?????

Regards Marc
You do not have the required permissions to view the files attached to this post.

mikesturmey
Joomla! Apprentice
Joomla! Apprentice
Posts: 14
Joined: Wed Mar 07, 2007 4:22 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mikesturmey » Sat Jun 16, 2012 2:05 am

Hi Shaun,

with the profile mapping, I have included the following field from AD to grab country:

<field
name="co"
type="text"
description="Country"
label="Country"
size="30"
filter="string"
required="false"
sync="true"
disabled="true"
/>
If Country is empty, is there anyway of adding a default value in this XML - I have tried a couple of things but nothing works,

regards

Mike

chrisyeung168
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Mon Oct 31, 2005 6:52 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by chrisyeung168 » Mon Jun 18, 2012 8:24 am

ShMaunder wrote:University finished at long last. I have all my time back.

I'm not sure what has been solved in here and what not. If anybody can repost if there problem is outstanding then I'll reply to it.

Going to get back to developing version 2, and will release a overdue maintenance release for version 1 in the coming week or so.
don't you remember it or not, I mentioned it one or two months ago, i think a domain selector is good for mutiple domain ldap login, since if there is mutiple domain, and it is possible that same account name will exist in different domain, so, a domain selector will be suitable to avoid problem happen in this case, please note and thanks.

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Mon Jun 18, 2012 2:16 pm

@chrisyeung168 - I haven't forgotten ;). I'm building the underlying code for multiple servers first - well actually, I have nearly finished that and will commit to the repository soon. I will look at building a module for the front-end multiple domains soon after - Not sure what I can do on the back end (J! Administrator) to support this.

@mikesturmey - Did you try default="mycounty"? The majority of the syntax is processed by Joomla's JForm (i.e. same syntax).

@mhabers - What is the name of the XML file you're using for the profile? It should be profiel.xml. Add me on Skype (shaun.maunder) if you can because this may take a lot of posts to debug on here.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

chrisyeung168
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Mon Oct 31, 2005 6:52 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by chrisyeung168 » Tue Jun 19, 2012 3:52 pm

hello shaun,
you are great! you can still remember that feature request, i 'm always checking this thread to see when will you come back, anyway, can't wait to see the result.

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Tue Jun 19, 2012 4:14 pm

Cool. The multiple servers are now implemented (I will commit to Git soon on the 'platform' branch). The configurations can either be loaded from a PHP config file (primarily for platform applications) or SQL table (which will be used for the CMS). I'm currently making some unit tests which is taking forever and is seriously boring :/.

Got to re-sync up the LDAP plug-ins like Group Mapping and Profile to use the new libraries. Then I will do the little login module - I will need to figure out if a front-end component is also required. Then I need to concentrate on the back-end administrator component to integrated Ldap debugging and configuration.

After the above (and a release of a stable version), I will start proper work on a specific CB plug-in and password plug-in.


Edit:

For those that are interested in V2 progress, I have written a little blog style progress report here http://shmanic.com/tools/jmapmyldap/news.htm (a few have asked on email).

Though its been a very long (and unexpected) development period for V2, I'm becoming more happier with the code and the potential extendibility of the entire project.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

Serge Bakharev
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Jun 27, 2012 12:02 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Serge Bakharev » Wed Jun 27, 2012 12:25 am

Hi Shaun,

I'm trying to configure SSO with Apache and mod_auth_kerb. I've successfully got Kerb passing across the remote_user env variable however I've hit a roadblock configuring this for a site accessed both internally and publicly.

The limitation of this Apache module is that it doesn't gracefully degrade when its unable to authenticate (for it to attempt to negotiate SSO the Apache directive 'require user' needs to be set!). If they fail SSO I either have the choice of a 401 error screen or a basic auth prompt (KrbMethodK5Passwd On).

Unfortunately this particularly site has content that needs to be publicly accessible so having a basic auth prompt is not acceptable.

How do you suggest implementing SSO at such a site? Is there any other Apache module that will work better, or perhaps does IIS with it's SSPI component actually do this gracefully?

Here are the two workarounds I've thought of that might work:
-Separate public and internal site
-Have a standalone php file to do logins internally, having the mod_kerb directive only set on this specific file and just redirect them to the normal page
-Somehow using the Apache ErrorDoc directive combined with KrbMethodK5Passwd Off (if transparent sso negotiate fails, fail the auth) to load the site. (Probably a massive hack)
-Modify the mod_auth_kerb code and program a new parameter IfAuthFailLoadAnyway which simply serves the webpages withour the REMOTE_USER variable set if they fail SSO.

fyi. I've also emailed the mod_auth_kerb devs about this to see what they suggest. Its obviously a limitation of their module and not yours!

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Thu Jun 28, 2012 8:54 am

I should start that I don't know the answer *yet*. But, I was trying to accomplish this the other day.

There are a few methods that I'm currently trailing:

- Use of a forced 401 error with a WWW-Authenticate header (like negotiate) being sent to the browser. This would be modified into the HTTP plug-in to allow you to select specific IP ranges (i.e. internal ones). Though I haven't found the correct htaccess config to get this working yet. I believe this works on IIS.

- As you said, using a file to attempt it. The htaccess config for this one is easy, but it doesn't feel a elegant solution. I guess it could be executed through an IFrame or through a (Joomla or htaccess) redirect based on IP.


Though I will use some of today to hopefully figure out how I can get the first point to work.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Thu Jul 12, 2012 9:12 pm

chrisyeung168 wrote:hello shaun,
you are great! you can still remember that feature request, i 'm always checking this thread to see when will you come back, anyway, can't wait to see the result.
Its implemented (well at least for the front-end)! The result:

http://i61.[spam].com/albums/h63/t ... Module.png


My next and last job before I can post packages for everything is an administrator component to configure everything & redo the package builder. Its been quiet on the support (& downloads) lately which has meant I've been able to pump a lot of hours into this version.

All code here: https://github.com/ShMaunder/JMapMyLDAP/tree/platform - will commit the front-end component shortly.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

chrisyeung168
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Mon Oct 31, 2005 6:52 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by chrisyeung168 » Tue Jul 17, 2012 2:41 am

wow, great, is it available to download and try it out? for the ldap login module, things seems more logically, just like if you need to login in your windows workstation, you need to choose the correct domain.

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Tue Jul 17, 2012 1:36 pm

I've still not committed the front-end component which is needed for the module to work. This is mainly because I was hesitant if I should spend a day getting LDAP registration working, or just remove the view/model/controller for it. But I will remove registration for now and get the domain support committed so we can get a beta out ASAP.

Also, the SQL files for the new tables haven't been written - so its probably best to wait another week and with some luck, I may have updated the package builder.

I'm currently implementing "user adapters" (very much like JAuthTools' User Source system) to make it easier to integrate other authentication services into jmmLDAP after 2 is released. This will hopefully allow services like ADFS, which has had 4 requests so far for integration, to be integrated.



Lastly, if anybody is willing to do any translations for any of the language files, then please let me know. The website is getting between 5-15 unique hits a day via Google's translation service, and I don't know how well its being translated. Even if its a partial translation, it would make a difference :)
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

bancil31
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Wed Jul 18, 2012 8:55 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by bancil31 » Thu Jul 19, 2012 1:41 pm

hello everybody,

I'm not able to map my ldap group to joomla group.
I can authenticate myself, get the right username, email..., but I belong to the Joomla Registered users group (my mapping list: CN=mygroup:7).
Everything seems to be Ok when I test my parameters with ldapdebug.php (ie my openldap group is printed out).
I've tried to insert ShMaunder's code in line 477 (echo 'ldap: '; print_r($ldapUser); echo '<br /><br />compared: '; print_r($mapLists); die();)
$mapLists displays nothing whereas $ldapUser displays the right values...that's strange !
Any idea ?

joomla 2.5.6
mysql 5.1.52
php 5.3.2
JMapMyLDAP 1.0.5

Regards from Toulouse

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Jul 20, 2012 1:32 pm

Hmm. Are you using a popular LDAP server/vendor?

What is the LDAP attribute groups are being printed out as? It sounds like the "Lookup Attribute" isn't correct maybe?
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

bancil31
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Wed Jul 18, 2012 8:55 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by bancil31 » Fri Jul 20, 2012 2:18 pm

Openldap...very popular :-)
schema: cn=mygroup, ou=Groups, dc=auth,dc=mydomain, dc=fr
attribute type (my lookup attribute): businessCategory
ldapdebug.php returns me the right group (mygroup) with this attribute.

thanks a lot Shaun !

Nota: I'm in holidays tonight and i'll be back on the forum in a week


Locked

Return to “Extensions for Joomla! 2.5”