The Joomla! Forum ™



Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  [ 49 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: LDAP
PostPosted: Tue Apr 24, 2007 2:33 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
Does anyone know how to implement this LDAP tool?  The site does not have documentation yet.

http://joomlacode.org/gf/project/jauthtools/

Thank you.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu Apr 26, 2007 10:42 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Mar 05, 2006 1:21 pm
Posts: 16
Hello,

I am attempting to implement it now.  I can not get the bots to install though.  Have you been able to get past this point?  I simply zipped the joomla.ldap.php and joomla.ldap.xml files and attempted to install them as a mambot.  I received the "ERROR: Could not find a Joomla! XML setup file in the package." error.

I then tried copying the two files into the mambots/system/ folder but they do not show up under "Site Mambots". 

We have a Win2003 AD environment that we would like to utilize for Joomla authentication.  Let me know what your progress is, if any, and maybe we can help each other.

Robert


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Apr 27, 2007 2:10 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
Yeah, I just used the zip files he has on his site under the Files tab.  They installed immediately, but now I have to play with the settings.  I have the same environment as you.  I am getting Warning messages on the home page now, reading through his wiki seems to help a little.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Apr 27, 2007 5:11 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Mar 05, 2006 1:21 pm
Posts: 16
Thank you,

The site that I had been looking at did not have the files packaged up like that.  I will install it in the morning and run it by our AD guys to begin testing.  I will post the results.

Robert


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Mon Apr 30, 2007 7:42 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
rmarkin wrote:
Thank you,

The site that I had been looking at did not have the files packaged up like that.  I will install it in the morning and run it by our AD guys to begin testing.  I will post the results.

Robert


any luck?


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Mon Apr 30, 2007 8:13 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
I am new to LDAP so here are the settings I am trying, let me know where I am wrong if you guys see the mistakes.
Thanks!

Using MS AD:
Joomla LDAP and HTTP Single Signon are published
" " = Items replaced for security

Joomla LDAP
Host is correct.
Port is 389
LDAP V3 - Yes
Negociate TLS - No
Don't follow referrals - Yes
Base DN: Cn="connectusername",ou=service accounts,ou=staff,dc="company",dc=org
Search String: uid=[sAMAccountName], ou="department",ou=staff,dc="company",dc=org
User DN: ou="department",ou=staff,dc="company",dc=org
Map FullName: displayName
Map Email: mail
Map User ID: sAMAccountName
Map Password: userPassword

HTTP Single Signon set to use Global Settings
Set to Bind as User


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Tue May 01, 2007 4:59 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Mar 05, 2006 1:21 pm
Posts: 16
Our AD guys aren't going to be able to start testing until the day after tomorrow.  I will post with our settings / results then, but hopefully it will work.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Tue May 01, 2007 4:05 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Apr 13, 2007 6:54 pm
Posts: 5
Location: Portage, MI
I'm having problems with this as well. We have nested OU's! :-\ I don't know how to get this to work.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu May 03, 2007 6:32 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
I switched my base DN to: ou="department",ou=staff,dc="company",dc=org
Search String to: CN=*\([login]\)
Connect username: Cn="connectusername",ou=service accounts,ou=staff,dc="company",dc=org
Users DN: Cn="connectusername",ou=service accounts,ou=staff,dc="company",dc=org

This stuff is confusing, but it still doesn't work.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Tue Jun 05, 2007 2:04 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
I've been testing LDAP with Joomla and IPB. So far both Joomla and IPB are working with LDAP (consulting users) but i still have to make the custom pages for registration and password/email change.

Regarding Joomla, the 2 required mambots are "Joomla LDAP" and "LDAP SSI". One of the most important things (i've found it somewhere on the net) is that the mambot JoomlaLDAP must be above the LDAPSSI mambot in the mambot ordering.

The test was made with openldap 2.2.29 (windows version), Joomla 1.0.12 and IPB 2.2.2

If anyone is interested in the configurations i will gladly post them here (as an example)

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Tue Jun 05, 2007 9:42 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
That would be great if you can post the example.  Just mask the personal info with generic words like company, departname , etc...


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Tue Jun 05, 2007 10:45 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
Ok, let's see if i can make it so that you can understand it  :D

1 - Install the Joomla/Ldap mambot (joomla_ldap.bot.tgz)
2 - Configure the mambot as in image below:
Image

3 - Install the Joomla/SSI mambot (ldap.ssi.bot.tgz)

4 - Configure the mambot as in image below:
Image


5 - Move the Joomla/LDAP mambot above the Joomla/SSI mambot as in image below:
Image



6 -The configuration for IPB is simple but i will post it here just in case someone wants to try it with IPB
edit the file /sources/loginauth/ldap/conf.php and change the values below to fit your configuration
Code:
$LOGIN_CONF['ldap_server'] = 'localhost';
$LOGIN_CONF['ldap_server_username'] = 'cn=Manager,dc=domain,dc=ext';
$LOGIN_CONF['ldap_server_password'] = 'PASSWORD';
$LOGIN_CONF['ldap_uid_field'] = 'uid';
$LOGIN_CONF['ldap_base_dn'] = 'ou=People,dc=domain,dc=ext';




I've made a uid search in my test server and the result is as shown:
Image


You can now login with the users that are in your LDAP

My LDAP details (bare with me because it's my first LDAP experience) are:

dc=domain,dc=ext

My users are in ou=People,dc=domain,dc=ext

The users that exist in LDAP but doesn't exist in Joomla will be auto-created. The same will happen in IPB: if they don't exist they will be created. I will now test the IPB ldap hack so that the display name and the email address are auto passed into IPB database when creating a new user since currently it's asked in the first user login.

Hope it helped.

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 12:14 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Apr 24, 2007 2:17 pm
Posts: 10
Thank you, I'll try this at work tommorrow, project had been on the back burner.  I had all the settings, but wasn't exactly sure where to put them since Joomla has a lot more options in this mambot then other LDAP configs such as the one in Wordpress (which I did get to work).


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 3:28 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue May 15, 2007 3:39 pm
Posts: 11
I have made that's issues. I must really have a administrator user from the ldap that i want to connect?
Thanks


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 3:38 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
mt wrote:
I have made that's issues. I must really have a administrator user from the ldap that i want to connect?
Thanks


You must have a user in LDAP that can do queries/searches on the tree you wish to use (in this example 'ou=People,dc=domain,dc=ext')

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 4:29 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue May 15, 2007 3:39 pm
Posts: 11
Thank you very much.
I must have basic autentication on iis ou anonymous autentication?


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 4:48 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
mt wrote:
Thank you very much.
I must have basic autentication on iis ou anonymous autentication?


By IIS i understand that you are referring to ActiveDirectory. If so i cannot help you because i didn't tested it with AD nor i have access to any AD to test it.

But i guess that basic authentication is the best since it's a little more secure than anonymous authentication

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 10:10 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue May 15, 2007 3:39 pm
Posts: 11
Thank you again.  :D
What kind of autentication do you have in your linux server? Is it possible to have anonymous autentication, but in jooma when you log on in login module, log with a user from my AD?  ???


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Wed Jun 06, 2007 10:28 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
It is possible to have anonymous authentication. In the "LDAP SSI" mambot put "Anonymous Compare" in the "Authorization Method" field and leave "Connect username" and "Connect password" blank.

The authentication in the mambot is only to check if the users exists in LDAP and if the password provided in the frontend login matches the one in the LDAP.

Then you can use your AD account to login into Joomla.

Don't forget that the default usergroup in Jooma is set to "Registered". You can always login in Joomla with your LDAP user and with your local Joomla account (the admin i.e.)

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Jun 08, 2007 2:54 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue May 15, 2007 3:39 pm
Posts: 11
Visigod, WONDERFULL!! It Works!!
But now, when i do the login on the login module, i have the message that cookies are not enabled. I have the cookies enabled on my browser.
Do you not what is wrong?
Thank very much!
;)


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Jun 08, 2007 5:39 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
That's strange. I never got that problem. I will see if i can find any solution on the mambot developer site.

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Mon Jun 11, 2007 3:34 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue May 15, 2007 3:39 pm
Posts: 11
That's not a problem  ;) resolved!
I also installed the http single sign on, it works perfectly, but i cannot logout from frontend.


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu Jun 14, 2007 11:00 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Thu Jun 14, 2007 10:53 am
Posts: 3
Guys some off topic help please?
Any particular way of creating ou=People dn and putting users in it?


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu Jun 14, 2007 12:40 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
venom14 wrote:
Guys some off topic help please?
Any particular way of creating ou=People dn and putting users in it?


Right now i'm using ldapbrowser (http://www-unix.mcs.anl.gov/~gawor/ldap/) to connect to the ldap and creating the users. I'm also developing a component to manager the users from LDAP via Joomla but since i'm new to the LDAP stuff things are moving slowly.

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu Jun 14, 2007 3:03 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Thu Jun 14, 2007 10:53 am
Posts: 3
VisiGod cheers mate...!
I found a way and thanks to your really helping "guide" worked just great!
;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D

THAAAAANKS!


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Thu Jun 14, 2007 10:03 pm 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
venom14 wrote:
VisiGod cheers mate...!
I found a way and thanks to your really helping "guide" worked just great!
;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D

THAAAAANKS!


Glad i could help :)

I'm now working on the components/modules to replace the current "Lost Password/Change Details/Register" of Joomla with LDAP ones. Things are moving slowly but moving positively :)

When i have a working version i will release them to the public so that people can test them and use them

_________________
http://www.metpage.org | http://www.visigod.com


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Jun 15, 2007 8:13 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Jun 15, 2007 7:26 am
Posts: 4
mt wrote:
That's not a problem  ;) resolved!
I also installed the http single sign on, it works perfectly, but i cannot logout from frontend.


mt wrote:
You need to go to php.ini and on line:
; extension=php_ldap.dll place with this one:
extension=php_ldap.dll



Hi

I am still testing Joomla 1.0.12 and have installed all mambots from the LDAP Tools - that is: LDAP SSI, LDAP SSO and Joomla LDAP - published in the order mentioned. I'm using Windows 2003 Active Directory.

I am currently testing Joomla 1.0.12 (with IIS, PHP, windows server 2003) and did the following LDAP installation and publish these two: Joomla LDAP followed by HTTP SSO.

I have tried the above method given and dl the php_ldap.dll in the ext of PHP folder, however it still shows the error " ldap not enabled -please install LDAP in your PHP instance to continue". 

Could you advise me on this. really wish to get my http sso to work..


Thanks!


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Fri Jun 15, 2007 9:31 am 
User avatar
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 2:26 am
Posts: 171
Location: Portugal
Don't feel offended with some basic questions I'm making but it's always good to take some issues off the way first.

1 - Did you restarted your IIS service?

2 - Can you please see with phpinfo if you have the LDAP extension loaded like in image below (I'm using openldap but you should get something different there):
Image

Also, you don't need the SSO mambot, only the SSI. If you check on the JAuthTools page (http://sammoffatt.com.au/jauthtools/ind ... tall_Guide) the mambot's should be used like:
Quote:
    * Joomla LDAP
    * LDAP Single Sign In aka SSI (applicable for appropriately configured Active Directory, openLDAP or Novell Directory Services (eDirectory) systems).
    * LDAP Single Sign On aka SSO (only supported on Novell Directory Services based systems using Netware [not OES] servers).
    * LDAP Synchronization.


You can also check the page http://sammoffatt.com.au/jauthtools/ind ... _Directory to see how to configure it for AD.

Hope it helped

_________________
http://www.metpage.org | http://www.visigod.com


Last edited by VisiGod on Fri Jun 15, 2007 9:35 am, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Mon Jun 25, 2007 2:59 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Jun 15, 2007 7:26 am
Posts: 4
Hi,

I did restart my IIS.
I do not have the PHP extension loaded image page. (I did place the the libraries php_ldap.dll in my PHP ext folder)..
I have the error " Ldap not enabled -Please install in your PHP instance to continue"
Could you advise me on that ?


Another question: Did u successfully integrate mircosoft AD with Joomla 1.0.12 with openldap?


Teesnna


Top
 Profile  
 
 Post subject: Re: LDAP
PostPosted: Mon Jun 25, 2007 6:40 am 
User avatar
Joomla! Intern
Joomla! Intern

Joined: Sun Oct 09, 2005 2:14 pm
Posts: 55
Location: Western Australia
Hi everyone,

I finally got LDAP to work on J1.0.12.

For myself and my client, the whole point of getting LDAP to work was to enable customers to access serveral different sites with one login and maintain user details in one location.

Something which I think I misunderstood is user autocreation. When a user is created in LDAP, they are automatically created in Joomla when they try to log in. Fantastic!.

However, can the J!authtools automatically create the user in LDAP when they register at my site? At the moment it seems we have to manually create them in LDAP first.

Regards
John.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 49 posts ]  Go to page 1, 2  Next



Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group