The Joomla! Forum ™



Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  [ 289 posts ]  Go to page Previous  1 ... 3, 4, 5, 6, 7, 8, 9, 10  Next
Author Message
PostPosted: Fri Apr 06, 2012 5:21 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
I'm using 1.0.5. Where do I find 2.0 Alpha? Do I need to replace all of your plugins or just the SSO ones?


Top
 Profile  
 
PostPosted: Fri Apr 06, 2012 5:33 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Jul 05, 2010 7:22 pm
Posts: 483
Location: UK
Version 2.0 is on Git (you'll need to build the packages yourself, or alternativly I can email it - instructions are a few posts back). Yes, you would need to replace them all.

OK, hang fire, got a bit of work to do then I will test version 1's SSO on the latest CB with 3303.patch and see if I get the same issues. It could be a trivial problem like a missing flag in the onUserLogin(). I'll get back soon.

_________________
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/


Top
 Profile  
 
PostPosted: Fri Apr 06, 2012 8:45 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Jul 05, 2010 7:22 pm
Posts: 483
Location: UK
This is certainly a problem with the SSO portion.

I can confirm that mapping + authentication after setting a few CB settings works fine after typing in username & password manually, even on first login. This is for version 1.0.5.

Not sure where the problem is in CB's code, but I came across something I was thinking would fix the issue - http://www.joomlapolis.com/forum/40-cb- ... s-with-sso - that plugin, though requires updating a bit, will insert a new entry into CB's profile table.

_________________
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/


Top
 Profile  
 
PostPosted: Fri Apr 06, 2012 10:06 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
Thanks, Shaun. I'll have a look at that plugin tomorrow and report back.


Top
 Profile  
 
PostPosted: Fri Apr 06, 2012 10:23 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
Decided to try it before bed! It didn't work.


Top
 Profile  
 
PostPosted: Fri Apr 06, 2012 10:36 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Jul 05, 2010 7:22 pm
Posts: 483
Location: UK
^^ did you modify it at all?

Is it even adding the entries to the table?

Wait a moment, I forgot I now have a site with CB in. I will test it as well.

Edit: wow, I just re-wrote it from scratch. Damn, that was really old code. Here we go http://shmanic.com/media/file.php?proje ... create.zip - seems to activate fine for me on SSO now :D.

If you can test it and all works, then I'll create a doc for it on the site.

_________________
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/


Top
 Profile  
 
PostPosted: Sat Apr 07, 2012 9:22 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
Sorted! Thanks very much for all your help.


Top
 Profile  
 
PostPosted: Sat Apr 07, 2012 9:20 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Jul 05, 2010 7:22 pm
Posts: 483
Location: UK
Cool. No probs. I will produce a doc for this at some point.

@crony - cheers for the review :)

_________________
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/


Top
 Profile  
 
PostPosted: Mon Apr 09, 2012 3:26 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon Apr 09, 2012 3:22 pm
Posts: 1
Hey Shaun - Hoping you can help me. I need a way to sync the user list in AD with the user list in Joomla!. I have the integrated plugin configured and i can log in as domain users just fine, but i want to have users and groups and access all squared away before i go live. I can't log in with each individual user as there are over 200+ accounts. Is there any way your program can do this? To rephrase, i want to click something that automatically copies AD users into my J users list. Thanks in advance!

Also, forgot to add that SSO really won't work for me, as we have several 'general' AD login accounts for shared computers, but each user has their own AD login.

-Steve


Top
 Profile  
 
PostPosted: Mon Apr 09, 2012 5:26 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Jul 05, 2010 7:22 pm
Posts: 483
Location: UK
Yes and No. Yes in the sense that the version 2 alpha framework I'm building for the next release of jmmldap can support on-demand sync. No in the sense that you would need to create a script that searches for the LDAP users from a base_dn then execute the ldap plugin onLdapSync() event.

That is a confusing answer, but basically I plan to have this as an "out of the box" feature in version 2's stable release. However, don't expect a stable version for sometime yet. I have a final year project to complete as well as a set of exams in a months time.

You could have a go at building something based on what is already there https://github.com/ShMaunder/JMapMyLDAP - there is still a lot of changes required to lower the dependencies within some of the libraries. In fact I really want to implement namespaces and an autoloader though I will restrict the extension to PHP 5.3+ which may not be a good idea.

_________________
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/


Top
 Profile  
 
PostPosted: Fri Apr 27, 2012 12:35 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
Does version 2 have the ability to sync other AD fields to CB profiles? It would be great to pull over phone number, job title and department.


Top
 Profile  
 
PostPosted: Mon Apr 30, 2012 7:46 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Apr 27, 2012 9:02 pm
Posts: 2
I am about to pull my hair out in regards to this >< I have run your debug script to make sure I am putting everything in correctly and I receive a full report that shows my information and mappings.

When I go to Joomla and input the same information, I get the following error:

JLDAP2: Could not get dn for username 'bkelley1@xxxxxxx.local'. Check user dn/filter parameter and the authenticating user exists. LDAP reported: Success

no matter what I do, it does the same thing. My settings are as follows:
LDAPv3: yes
Start TLS: No
Follow Referrals: No
Host: xxxxxxx.local
Port: 389
connect user: xxxxxxx\administrator
password: xxxxxxxxxxx
Use Search: Yes
Base DN: dc=xxxxxxx,dc=local
User DN/Filter (sAMAccountName=[username])
map user name: sAMAccountName
Map Full Name: displayName
Map Email: mail

I have been working on variations of usernames and such to try and get this working for over a week now with no luck.

I am the server admin but the server was setup by other people and not sure if something in the group policy is blocking it.

Pleas help


Top
 Profile  
 
PostPosted: Tue May 01, 2012 11:33 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
I'm using name instead of displayName, but either should be ok. The rest of my settings are exactly the same as yours and it's working. Is your email field in AD populated? If it isn't you will need to replace mail with a dummy value such as [username]@xxxxxxx.local


Top
 Profile  
 
PostPosted: Tue May 01, 2012 8:17 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Apr 27, 2012 9:02 pm
Posts: 2
Nick,

Thank you for pointing the email out to me!

In AD, the email field was populated with the employees correct email. But since the companys internal domain is not the same as our email, it was breaking so to speak.

I changed the users email in AD to reflect the internal Domain and people were able to log in with their windows username and password. Thank you!!

Barbie


Top
 Profile  
 
PostPosted: Wed May 02, 2012 1:36 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
I've tried everything, but no way, I've installed a new server and test against two different AD one W2k and W2k3,and no success. Could be a problem at Domain or OS configuration?

This is the config:

LDAP V3
Host: 10.10.11.2
Port: 389
Connect User: mydomain\administrator
Connect Password: password
Use Search
Base DN: DC=mydoamin,DC=local
User DN/Filter: sAMAccountName=[username]
Map User ID: sAMAccountName
Map Full Name: name
Map Email: mail
Test User: administrator
Test Password: password

Joomla 2.54 (new install) on Centos 6.2

And get this message from PHP LDAP debug:

:: PHP LDAP Debug V1.05 Script Started ::
Attempting to bind to LDAP server using connect username and password...
LDAP bind successful.
Attempting to use search to find user...
Failed: search has been used but 'sAMAccountName=Administrator' is NOT a filter. Check this for more information.


Top
 Profile  
 
PostPosted: Wed May 02, 2012 2:24 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
You are missing the brackets around your User DN/Filter. It should be:

(sAMAccountName=[username])


Top
 Profile  
 
PostPosted: Wed May 02, 2012 2:28 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
Thanks it works


Top
 Profile  
 
PostPosted: Wed May 02, 2012 2:32 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
Another question, in Joomla I must create the users or there is a way to import (sync from AD) fron the AD

Thanks


Top
 Profile  
 
PostPosted: Wed May 02, 2012 2:48 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
If you implement the full JMapMyLDAP suite (http://shmanic.com/tools/jmapmyldap/) you will get:

Automatic Joomla user creation
AD to Joomla security groups mapping
Authentication with password sync
Single sign on


Top
 Profile  
 
PostPosted: Wed May 02, 2012 2:56 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
I must disable Joomla Native LDAP suppoprt plugins?

Thanks for your help.


Top
 Profile  
 
PostPosted: Wed May 02, 2012 3:01 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
Yes. Just follow the guides here: http://shmanic.com/tools/jmapmyldap/guide.htm


Top
 Profile  
 
PostPosted: Wed May 02, 2012 5:31 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
Many thanks, I got it working, users are created, but not assigned to the Mapping List group, always go to Registered Group, what could be wrong? here is the configuration:

For a test_joomla user from LDAP Debug Tool I get:
dn CN=test_joomla,OU=Sistemas,OU=Division,OU=Usuarios,DC=mydomain,DC=local

User - JMapMyLDAP
Use Group Mapping Yes
Allow Additions Yes
Allow Removals Yes&Default Managed
Unmanaged Groups 1;2;8
Public Group 1
Mapping List (try following options)
cn=Domain Users,OU=Sistemas,OU=Division,OU=Usuarios:10
cn=Users,OU=Sistemas,OU=Division,OU=Usuarios:10
OU=Sistemas,OU=Division,OU=Usuarios:10
Lookup Type Forward
Lookup Attribute memberOf
Lookup Member dn
Use Recursion Yes
DN Attribute distinguishedName
Max Depth 0


Top
 Profile  
 
PostPosted: Wed May 02, 2012 5:43 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
I just use AD Groups, e.g.:

CN=HR Content Manager:9
CN=HR:10
CN=Directors:15

I also have recursion set to No.


Top
 Profile  
 
PostPosted: Tue May 08, 2012 3:19 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Tue Jan 18, 2011 5:12 am
Posts: 4
Hi Guys,

I'm planning an SSO project for a client whereby Joomla 2.5.4 will be used for their internal intranet type purposes however the site is hosted outside of their firewall on our servers.

They are looking to use Oracle Enterprise Single Sign-On to manage all their SSO requirements (http://www.oracle.com/technetwork/middl ... 86728.html).

Can anyone please let me know if:
1) you have worked with this Oracle product?
2) if you think it will work with JMapMyLDAP Joomla extension?
3) if you think it will work with a joomla installation on the web (i.e. outside of the company's firewall and network infrastructure?

Any help and advice is greatly appreciated.

Kind regards.


Top
 Profile  
 
PostPosted: Tue May 08, 2012 12:18 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Mar 30, 2012 12:40 pm
Posts: 9
afrugone wrote:
Many thanks, I got it working, users are created, but not assigned to the Mapping List group, always go to Registered Group, what could be wrong? here is the configuration:

For a test_joomla user from LDAP Debug Tool I get:
dn CN=test_joomla,OU=Sistemas,OU=Division,OU=Usuarios,DC=mydomain,DC=local

User - JMapMyLDAP
Use Group Mapping Yes
Allow Additions Yes
Allow Removals Yes&Default Managed
Unmanaged Groups 1;2;8
Public Group 1
Mapping List (try following options)
cn=Domain Users,OU=Sistemas,OU=Division,OU=Usuarios:10
cn=Users,OU=Sistemas,OU=Division,OU=Usuarios:10
OU=Sistemas,OU=Division,OU=Usuarios:10
Lookup Type Forward
Lookup Attribute memberOf
Lookup Member dn
Use Recursion Yes
DN Attribute distinguishedName
Max Depth 0


afrugone,

have you got the mapping working yet? I'm having the same issue. please share if you have solved the problem.

Thanks!


Top
 Profile  
 
PostPosted: Tue May 08, 2012 1:09 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
I Made two mistakes:

1.- First mistake was to omit brackets in (sAMAccountName=[username]), the brackets () must be included.
2.- Associate 'cn' parameter to and OU, but must groups:
I create two test groups testgroup and JoomlaAdmins, and assign mappings to these groups:
cn=testgroup,OU=Usuarios:9
cn=JoomlaAdmins,OU=Usuarios:7
'cn' are associated to groups.

For this test I used windows 2003 AD.

I don't try SSO, it requires configuration at user's computers, and for me this is more difficult to manage with about 200 users.

I' hope this help you.


Top
 Profile  
 
PostPosted: Tue May 08, 2012 1:21 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
afrugone wrote:
I don't try SSO, it requires configuration at user's computers, and for me this is more difficult to manage with about 200 users.


Only with Firefox, IE doesn't.


Top
 Profile  
 
PostPosted: Tue May 08, 2012 1:25 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
And work's with Chrome?


Top
 Profile  
 
PostPosted: Tue May 08, 2012 1:30 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sun Jan 30, 2011 10:09 am
Posts: 170
Location: Leicester, UK
afrugone wrote:
And work's with Chrome?

It looks like Chrome does need some client side work:

http://ben-tech.[URL banned].co.uk/2011/09/ ... ation.html


Top
 Profile  
 
PostPosted: Tue May 08, 2012 1:34 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 01, 2006 11:32 pm
Posts: 15
Interesting, I'll try to use SSO. Thanks


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 289 posts ]  Go to page Previous  1 ... 3, 4, 5, 6, 7, 8, 9, 10  Next



Who is online

Users browsing this forum: khaledgaza, strumjan and 27 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group