JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

This forum is for general questions about extensions for Joomla! 2.5.

Moderators: pe7er, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Fri Apr 06, 2012 5:21 pm

I'm using 1.0.5. Where do I find 2.0 Alpha? Do I need to replace all of your plugins or just the SSO ones?

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Apr 06, 2012 5:33 pm

Version 2.0 is on Git (you'll need to build the packages yourself, or alternativly I can email it - instructions are a few posts back). Yes, you would need to replace them all.

OK, hang fire, got a bit of work to do then I will test version 1's SSO on the latest CB with 3303.patch and see if I get the same issues. It could be a trivial problem like a missing flag in the onUserLogin(). I'll get back soon.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Apr 06, 2012 8:45 pm

This is certainly a problem with the SSO portion.

I can confirm that mapping + authentication after setting a few CB settings works fine after typing in username & password manually, even on first login. This is for version 1.0.5.

Not sure where the problem is in CB's code, but I came across something I was thinking would fix the issue - http://www.joomlapolis.com/forum/40-cb- ... s-with-sso - that plugin, though requires updating a bit, will insert a new entry into CB's profile table.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Fri Apr 06, 2012 10:06 pm

Thanks, Shaun. I'll have a look at that plugin tomorrow and report back.

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Fri Apr 06, 2012 10:23 pm

Decided to try it before bed! It didn't work.

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Fri Apr 06, 2012 10:36 pm

^^ did you modify it at all?

Is it even adding the entries to the table?

Wait a moment, I forgot I now have a site with CB in. I will test it as well.

Edit: wow, I just re-wrote it from scratch. Damn, that was really old code. Here we go http://shmanic.com/media/file.php?proje ... create.zip - seems to activate fine for me on SSO now :D.

If you can test it and all works, then I'll create a doc for it on the site.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Sat Apr 07, 2012 9:22 am

Sorted! Thanks very much for all your help.

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Sat Apr 07, 2012 9:20 pm

Cool. No probs. I will produce a doc for this at some point.

@crony - cheers for the review :)
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

slinger86
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Mon Apr 09, 2012 3:22 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by slinger86 » Mon Apr 09, 2012 3:26 pm

Hey Shaun - Hoping you can help me. I need a way to sync the user list in AD with the user list in Joomla!. I have the integrated plugin configured and i can log in as domain users just fine, but i want to have users and groups and access all squared away before i go live. I can't log in with each individual user as there are over 200+ accounts. Is there any way your program can do this? To rephrase, i want to click something that automatically copies AD users into my J users list. Thanks in advance!

Also, forgot to add that SSO really won't work for me, as we have several 'general' AD login accounts for shared computers, but each user has their own AD login.

-Steve

ShMaunder
Joomla! Explorer
Joomla! Explorer
Posts: 486
Joined: Mon Jul 05, 2010 7:22 pm
Location: UK
Contact:

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ShMaunder » Mon Apr 09, 2012 5:26 pm

Yes and No. Yes in the sense that the version 2 alpha framework I'm building for the next release of jmmldap can support on-demand sync. No in the sense that you would need to create a script that searches for the LDAP users from a base_dn then execute the ldap plugin onLdapSync() event.

That is a confusing answer, but basically I plan to have this as an "out of the box" feature in version 2's stable release. However, don't expect a stable version for sometime yet. I have a final year project to complete as well as a set of exams in a months time.

You could have a go at building something based on what is already there https://github.com/ShMaunder/JMapMyLDAP - there is still a lot of changes required to lower the dependencies within some of the libraries. In fact I really want to implement namespaces and an autoloader though I will restrict the extension to PHP 5.3+ which may not be a good idea.
Shaun Maunder
JMapMyLDAP extensions - Joomla! 2.5/3.1/3.2 LDAP Integration & SSO
http://shmanic.com/tools/jmapmyldap/

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Fri Apr 27, 2012 12:35 pm

Does version 2 have the ability to sync other AD fields to CB profiles? It would be great to pull over phone number, job title and department.

Barbie K
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Fri Apr 27, 2012 9:02 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Barbie K » Mon Apr 30, 2012 7:46 pm

I am about to pull my hair out in regards to this >< I have run your debug script to make sure I am putting everything in correctly and I receive a full report that shows my information and mappings.

When I go to Joomla and input the same information, I get the following error:

JLDAP2: Could not get dn for username '[email protected]'. Check user dn/filter parameter and the authenticating user exists. LDAP reported: Success

no matter what I do, it does the same thing. My settings are as follows:
LDAPv3: yes
Start TLS: No
Follow Referrals: No
Host: xxxxxxx.local
Port: 389
connect user: xxxxxxx\administrator
password: xxxxxxxxxxx
Use Search: Yes
Base DN: dc=xxxxxxx,dc=local
User DN/Filter (sAMAccountName=[username])
map user name: sAMAccountName
Map Full Name: displayName
Map Email: mail

I have been working on variations of usernames and such to try and get this working for over a week now with no luck.

I am the server admin but the server was setup by other people and not sure if something in the group policy is blocking it.

Pleas help

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Tue May 01, 2012 11:33 am

I'm using name instead of displayName, but either should be ok. The rest of my settings are exactly the same as yours and it's working. Is your email field in AD populated? If it isn't you will need to replace mail with a dummy value such as [username]@xxxxxxx.local

Barbie K
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Fri Apr 27, 2012 9:02 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Barbie K » Tue May 01, 2012 8:17 pm

Nick,

Thank you for pointing the email out to me!

In AD, the email field was populated with the employees correct email. But since the companys internal domain is not the same as our email, it was breaking so to speak.

I changed the users email in AD to reflect the internal Domain and people were able to log in with their windows username and password. Thank you!!

Barbie

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Wed May 02, 2012 1:36 pm

I've tried everything, but no way, I've installed a new server and test against two different AD one W2k and W2k3,and no success. Could be a problem at Domain or OS configuration?

This is the config:

LDAP V3
Host: 10.10.11.2
Port: 389
Connect User: mydomain\administrator
Connect Password: password
Use Search
Base DN: DC=mydoamin,DC=local
User DN/Filter: sAMAccountName=[username]
Map User ID: sAMAccountName
Map Full Name: name
Map Email: mail
Test User: administrator
Test Password: password

Joomla 2.54 (new install) on Centos 6.2

And get this message from PHP LDAP debug:

:: PHP LDAP Debug V1.05 Script Started ::
Attempting to bind to LDAP server using connect username and password...
LDAP bind successful.
Attempting to use search to find user...
Failed: search has been used but 'sAMAccountName=Administrator' is NOT a filter. Check this for more information.

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Wed May 02, 2012 2:24 pm

You are missing the brackets around your User DN/Filter. It should be:

(sAMAccountName=[username])

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Wed May 02, 2012 2:28 pm

Thanks it works

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Wed May 02, 2012 2:32 pm

Another question, in Joomla I must create the users or there is a way to import (sync from AD) fron the AD

Thanks

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Wed May 02, 2012 2:48 pm

If you implement the full JMapMyLDAP suite (http://shmanic.com/tools/jmapmyldap/) you will get:

Automatic Joomla user creation
AD to Joomla security groups mapping
Authentication with password sync
Single sign on

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Wed May 02, 2012 2:56 pm

I must disable Joomla Native LDAP suppoprt plugins?

Thanks for your help.

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Wed May 02, 2012 3:01 pm

Yes. Just follow the guides here: http://shmanic.com/tools/jmapmyldap/guide.htm

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Wed May 02, 2012 5:31 pm

Many thanks, I got it working, users are created, but not assigned to the Mapping List group, always go to Registered Group, what could be wrong? here is the configuration:

For a test_joomla user from LDAP Debug Tool I get:
dn CN=test_joomla,OU=Sistemas,OU=Division,OU=Usuarios,DC=mydomain,DC=local

User - JMapMyLDAP
Use Group Mapping Yes
Allow Additions Yes
Allow Removals Yes&Default Managed
Unmanaged Groups 1;2;8
Public Group 1
Mapping List (try following options)
cn=Domain Users,OU=Sistemas,OU=Division,OU=Usuarios:10
cn=Users,OU=Sistemas,OU=Division,OU=Usuarios:10
OU=Sistemas,OU=Division,OU=Usuarios:10
Lookup Type Forward
Lookup Attribute memberOf
Lookup Member dn
Use Recursion Yes
DN Attribute distinguishedName
Max Depth 0

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Wed May 02, 2012 5:43 pm

I just use AD Groups, e.g.:

CN=HR Content Manager:9
CN=HR:10
CN=Directors:15

I also have recursion set to No.

Tonygetz
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Tue Jan 18, 2011 5:12 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Tonygetz » Tue May 08, 2012 3:19 am

Hi Guys,

I'm planning an SSO project for a client whereby Joomla 2.5.4 will be used for their internal intranet type purposes however the site is hosted outside of their firewall on our servers.

They are looking to use Oracle Enterprise Single Sign-On to manage all their SSO requirements (http://www.oracle.com/technetwork/middl ... 86728.html).

Can anyone please let me know if:
1) you have worked with this Oracle product?
2) if you think it will work with JMapMyLDAP Joomla extension?
3) if you think it will work with a joomla installation on the web (i.e. outside of the company's firewall and network infrastructure?

Any help and advice is greatly appreciated.

Kind regards.

specterman
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Fri Mar 30, 2012 12:40 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by specterman » Tue May 08, 2012 12:18 pm

afrugone wrote:Many thanks, I got it working, users are created, but not assigned to the Mapping List group, always go to Registered Group, what could be wrong? here is the configuration:

For a test_joomla user from LDAP Debug Tool I get:
dn CN=test_joomla,OU=Sistemas,OU=Division,OU=Usuarios,DC=mydomain,DC=local

User - JMapMyLDAP
Use Group Mapping Yes
Allow Additions Yes
Allow Removals Yes&Default Managed
Unmanaged Groups 1;2;8
Public Group 1
Mapping List (try following options)
cn=Domain Users,OU=Sistemas,OU=Division,OU=Usuarios:10
cn=Users,OU=Sistemas,OU=Division,OU=Usuarios:10
OU=Sistemas,OU=Division,OU=Usuarios:10
Lookup Type Forward
Lookup Attribute memberOf
Lookup Member dn
Use Recursion Yes
DN Attribute distinguishedName
Max Depth 0
afrugone,

have you got the mapping working yet? I'm having the same issue. please share if you have solved the problem.

Thanks!

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Tue May 08, 2012 1:09 pm

I Made two mistakes:

1.- First mistake was to omit brackets in (sAMAccountName=[username]), the brackets () must be included.
2.- Associate 'cn' parameter to and OU, but must groups:
I create two test groups testgroup and JoomlaAdmins, and assign mappings to these groups:
cn=testgroup,OU=Usuarios:9
cn=JoomlaAdmins,OU=Usuarios:7
'cn' are associated to groups.

For this test I used windows 2003 AD.

I don't try SSO, it requires configuration at user's computers, and for me this is more difficult to manage with about 200 users.

I' hope this help you.

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Tue May 08, 2012 1:21 pm

afrugone wrote: I don't try SSO, it requires configuration at user's computers, and for me this is more difficult to manage with about 200 users.
Only with Firefox, IE doesn't.

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Tue May 08, 2012 1:25 pm

And work's with Chrome?

NickC4555
Joomla! Explorer
Joomla! Explorer
Posts: 457
Joined: Sun Jan 30, 2011 10:09 am
Location: Leicester, UK

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by NickC4555 » Tue May 08, 2012 1:30 pm

afrugone wrote:And work's with Chrome?
It looks like Chrome does need some client side work:

http://ben-tech.[URL banned].co.uk/2011/09/ ... ation.html

afrugone
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Jan 01, 2006 11:32 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by afrugone » Tue May 08, 2012 1:34 pm

Interesting, I'll try to use SSO. Thanks


Locked

Return to “Extensions for Joomla! 2.5”