How to use LDAP feature in J! 1.5 ?

For Joomla! 1.5 Coding related discussions, please use: http://groups.google.com/group/joomla-dev-general
Locked
Alex53
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 236
Joined: Mon Aug 22, 2005 11:25 am

Re: How to use LDAP feature in J! 1.5 ?

Post by Alex53 » Mon Apr 14, 2008 10:15 am

Zgembo wrote:Since I myself did not find clear directions on how to do this I will go ahead and try to write out a short step-by-step guide. Please note that this guide assumes that you have Joomla 1.5 installed:

My setup is the following: Joomla 1.5 on Ubuntu/Unix with win2003 Active Directory

1. First you will need to enable a LDAP support to PHP, if you haven't already done so:

Code: Select all

sudo apt-get install php5-ldap
sudo /etc/init.d/apache2 restart
You may also need to enable an extension in php.ini and restart the Apache. You do so by removing ";" in front of the extension=php_ldap.dll

Code: Select all

extension=php_ldap.dll
And then restart Apache again

Code: Select all

sudo /etc/init.d/apache2 restart
2. Second Install Softerra LDAP Browser 2.6 so you better understand your win2003 Active Directory.

3. Third , according to your LDAP cointainer setting, populate fields inside of Joomla 1.5 LDAP Authentication plugin. The setting below worked for me in win2003 Active Directory:

Code: Select all

Host: server.domainname.com
Port: 389
LDAP V3: Yes
Negotiate TLS: No
Do not follow referrals: No
Authorization Method: Bind and Search
BaseDB: OU=ITGROUP,DC=domainname, DC=com
Search String: sAMAccountName=[search]
Users DN: Blank

Connect username: CN=ITADMIN, OU=ITGROUP,DC=domainname,DC=com
Connect password: *********

Map: Full Name: cn
Map: E-mail: mail
Map: User ID: sAMAccountName
4. Fourth, create a user inside of Joomla 1.5 with blank password that is also in your win2003 LDAP directory and try to login with that particular user name first.

5. Fifth, hopefully this worked for you, if not then you most likely have a small problem with can be solved by posting in this forum.

Hope this helps all people like me with minimal knowledge who spent three weeks trying to get this thing to work. Good luck!
Thanks for this great post. It worked for me and I am also loving the Softerra LDAP browser.

I have a doubt...how could I restrict different areas of the site depending on Active Directory group membership?

marvinh
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Mon Aug 20, 2007 7:15 am

Re: How to use LDAP feature in J! 1.5 ?

Post by marvinh » Mon Apr 21, 2008 3:44 pm

Alex53,

I tried you're solution... the only problem is i can't get it working here on my work. We have a 2003 domain...
With the following settings i can connect, but i get an error "Please enter a valid e-mail address. " If i put none correct information it says "Username and password do not match or you do not have an account yet. " so the verify goes well...

These are my settings now:

Host fs-alk01.bla.nl
Port 389
LDAP V3 Yes
Negotiate TLS No
Follow referrals No
Authorization Bind Directly as User
Base DN DC=ra*****.nl,DC=nl
Search String sAMAccountName=[search]
Users DN *blank*

--------------------------------------------------------------------------------

Connect username CN=Administrator,OU=Domain Users,OU=Accounts,DC=ra*******.nl,DC=nl
Connect password **************

--------------------------------------------------------------------------------

Map: Full Name CN
Map: E-mail mail
Map: User ID sAMAccountName

What is the problem, if i choose Bind and Search the authentication is not working, the error is "Username and password do not match or you do not have an account yet. "... if i choose Bind Directly as User the authentication goes well, because he says "Please enter a valid e-mail address. " and with false credentials "Username and password do not match or you do not have an account yet. "

Philipcare
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Jan 08, 2008 12:47 pm

Re: How to use LDAP feature in J! 1.5 ?

Post by Philipcare » Wed Apr 23, 2008 11:28 am

Lots of talk about Active Directory here... Our management has thrown out ALL MS software and we have to start from scratch learning Open Source Software of all kinds :-\

We're running: Linux Fedora + Apache + MySQL + PHP with JOOMLA! 1.5
and now we need integration with LDAP...
Question: is there a ready-made PLUGIN to do this ( as we don't master PHP at all :'( )
Reading through posts gives me a real " Headache " :eek:

freggy
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Mon Dec 19, 2005 1:37 pm

Group mapping

Post by freggy » Mon Apr 28, 2008 1:57 pm

I'm trying to get the group mapping working correctly with Joomla 1.5.3, but unfortunately I did not succeed yet.
With the JDiagnostic plug-in, I can see that verification of the LDAP password works, and it can create new users in the Joomla database. However, they are always member of the Public Front-end group, while I would want them to be Administrator. So I tried to get the group mapping working:

In the "User Source - LDAP" plug-in properties, I set the Group Map to:
cn=joomadmins,ou=Groups,dc=foo,dc=bar;24;Administrator;20
Map user groups is set to memberUid

In the OpenLDAP directory I have:
dn: cn=joomadmins,ou=Groups,dc=foo,dc=bar
objectClass: top
objectClass: posixGroup
cn: joomadmins
gidNumber: 5000
structuralObjectClass: posixGroup
entryUUID: ee1267fa-a4bc-102c-9c0a-13c612cebd66
creatorsName: cn=admin,dc=foo,dc=bar
createTimestamp: 20080422133700Z
memberUid: myuser
entryCSN: 20080422133752Z#000000#00#000000
modifiersName: cn=admin,dc=foo,dc=bar
modifyTimestamp: 20080422133752Z

dn: uid=myuser,ou=People,dc=foo,dc=bar
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: sambaSamAccount
uid: myuser
cn: myuser
sn: myuser
userPassword:: foobar
uidNumber: 1015
gidNumber: 1015
homeDirectory: /home/myuser
loginShell: /bin/bash
shadowLastChange: 13550
shadowMax: 99999
shadowWarning: 7
sambaSID: S-1-5-21-1321960024-1324507782-1824097075-3030
structuralObjectClass: inetOrgPerson
entryUUID: 5610d41c-2aed-102c-8d76-afd99e089d27
creatorsName: cn=admin,dc=foo,dc=bar
createTimestamp: 20071119131608Z
gecos: My User
mail: myuser@foo.bar
entryCSN: 20080422133752Z#000001#00#000000
modifiersName: cn=admin,dc=foo,dc=bar
modifyTimestamp: 20080422133752Z

Still the user is created in the Public Front-end group 29 according to JDiagnostic, and when I try to log in into the administration back-end, I get the error E_NOLOGIN_ACCESS. What could be wrong?

MFeyissa
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Mon May 19, 2008 7:19 am

Re: How to use LDAP feature in J! 1.5 ?

Post by MFeyissa » Mon May 19, 2008 7:37 am

Hi all

I have downloaded Joomla 1.5.3 and try to configure it for LDAP on My local Machine wth Windows XP. My aim to authenticate users from Microsoft Active Directory(windows 2003). Can I do that?
Is there some thing that I can configure on windows XP?

Your help is appreciated.

Thanks

Mekonnen

mhasle
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu May 29, 2008 7:56 pm

Re: How to use LDAP feature in J! 1.5 ?

Post by mhasle » Thu May 29, 2008 8:22 pm

Hi,

I've got my LDAP authentication working well.
Using OpenLDAP, that as not that difficult... The users are getting authenticated through the LDAP, when they are created without any password, or locally is a password is set. So it seems to be fine.

Unfortunatly, using that , it means that the user has to be created through the administrator interface. So I though that the autocreation should be the solution.. So I enable it... but the visitors cannot create any Joomla account without having to set a Full Name, username, email address and password (using the create account link in the login form). So they will never authenticate against the OpenLDAP, but always locally... This is not the aim of the solution.

Have I missed something here ?
Does the user needs to create the account first, or do they have just to type in their uid, or email address with a valid password to get the joomla account created ?

Many many many thanks for your help
Michael

lordbein
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu Jul 17, 2008 1:18 pm

Re: How to use LDAP feature in J! 1.5 ?

Post by lordbein » Thu Jul 17, 2008 1:23 pm

He,

I also set up now LDAP correctly according to our environment. All Users have all information in the AD, so auto registration is working well. If somebody is changing the password (through AD) he can connect to joomla with the new one...The only problem is if somebody is changing the login name in the AD...but this will not happen to often in our AD...
:pop

godbout
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Mon Jul 28, 2008 8:38 am

Re: How to use LDAP feature in J! 1.5 ?

Post by godbout » Mon Jul 28, 2008 9:51 am

Hi there,

I've got a question about this feature. I have, on a page, to get a form where the users should enter their ldap identifiers. If they have the authentication, they will be redirected to another page.
I've developped all the authentication stuff in php and it's working.
Now I've tried this feature and I'm wondering if I can do what I want with it. It's not clear to me. Or this feature is just to link the ldap server with the administrator or frontpage login?!

If I misunderstood, could you give me a way where I could look for a solution to my problem? Get a mambot/plugin to handle php and/or forms in a content?

Thanks in advance!
I'm a bit lost now :-)

haabb
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Mon Jul 28, 2008 5:47 pm
Location: china BJ
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by haabb » Mon Jul 28, 2008 6:23 pm

Me too! :eek:
Thanks in advance!

DeZzL
Joomla! Apprentice
Joomla! Apprentice
Posts: 24
Joined: Fri Jun 02, 2006 12:37 pm
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by DeZzL » Wed Aug 06, 2008 11:38 am

I'm having some troubles with Novell eDirectory. Search and bind works perfectly but searches through in whole LDAP server like this:
  • Host: xxx.xxx.xxx.xxx
    Port: xxx
    LDAP V3: No
    Negotiate TLS: No
    Follow referrals: No
    Authorization: Bind and Search
    Base DN: o=BOC
    Search String: cn=[search]
    User's DN: empty
    Connect username: empty
    Connect password: empty
    Map: Full Name: sn
    Map: E-mail: mail
    Map: User ID: cn
I wanted a more specific search so i'm trying the "Bind directly as user" and point straight to the right place in the LDAP server. First i tried to change the Search String to:
  • Search String: cn=[search], ou=EMPLOYEES, o=BOC; cn=[username], ou=STUDENTS, o=BOC
This didn't work so i tried to simplify the searchstring to see if 1 string would work.
  • Search String: cn=[search], ou=EMPLOYEES, o=BOC
This even breaks the login:
  • Search String: cn=[search], ou=EMPLOYEES
So i thought i'd give the 'Bind directly as user' a try:
  • Host: xxx.xxx.xxx.xxx
    Port: xxx
    LDAP V3: No
    Negotiate TLS: No
    Follow referrals: No
    Authorization: Bind Directly as User
    Base DN: o=BOC
    Search String: empty
    User's DN: cn=[username], ou=EMPLOYEES, o=BOC
    Connect username: empty
    Connect password: empty
    Map: Full Name: sn
    Map: E-mail: mail
    Map: User ID: cn
Again, this works like a charm. The problem is that i need to point to two seperate oranisation units. Therefore i'm trying to add a second string for User's DN, seperated by a semicolon, just like the 'help' says:
  • User's DN: cn=[username], ou=EMPLOYEES, o=BOC; cn=[username], ou=STUDENTS, o=BOC
This gives me an error when trying to login.

Does anyone know why multiple strings are not working for me with both Authorisation Methods?
Does anyone know why my Search String does not work when i add something after cn=[search]

Diagnostic Information
Joomla! Version: Joomla! 1.5.5 Production/Stable [ Mamni ] 27-July-2008 22:00 GMT
configuration.php: Not Writable (Mode: 444 ) | RG_EMULATION: N/A
Architecture/Platform: Windows NT 5.2 ( i586) | Web Server: Apache/2.2.8 (Win32) PHP/5.2.5 ( example.com ) | PHP Version: 5.2.5
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5): Yes | iconv Support (1.5): Yes | save.session_path: Not Writable | Max.Execution Time: 30 seconds | File Uploads: Enabled
MySQL Version: 5.0.51b-community-nt ( localhost via TCP/IP )
Last edited by DeZzL on Wed Aug 06, 2008 2:24 pm, edited 1 time in total.

bp21
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Wed Aug 06, 2008 12:07 pm
Location: United Kingdom, England, Burton
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by bp21 » Wed Aug 06, 2008 12:25 pm

hi i have a windows server 2003 running IIS with PHP & MYSQL, and exchange server 2003

i have installed the new joomla 1.5 and i an trying to get the ldap authentication working.

i have know idea of what settings to enter.

my useres are in a orginistaion unit called administrators

and domain name is "bp21.domain"

Active Directory server is "BPN-SR-001" (ip 192.168.0.3 / 192.168.0.4)
Domain Name is "BP21.Domain" (internal)

i have included a screen shot of my active directory to help,
Image

i have also included a copy of the current settings i have put in
Image

thanks for any help in advance.

DirtySnipe
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Tue May 27, 2008 11:43 am

Re: How to use LDAP feature in J! 1.5 ?

Post by DirtySnipe » Thu Aug 28, 2008 10:28 am

I have a slight problem with ldap and joomla.

It auto creates the accounts fine when somone enters there username and password. But if i look in the database it has only registered the account with username and email. It does not save the password aswell.

This is a problem for me because i use other plugins that pull users passwords from there account to log them into other applications.

Is there anyway of getting ldap plugin to save the password aswell?

DirtySnipe
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Tue May 27, 2008 11:43 am

Re: How to use LDAP feature in J! 1.5 ?

Post by DirtySnipe » Mon Sep 01, 2008 8:30 am

<BUMP>

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Thu Oct 30, 2008 4:05 am

Joomla! doesn't store passwords automatically for external authentication systems. You could write a plugin that grabbed the password and stored it where you needed yourself. You can also grab the password directly from the LDAP directory as well.
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

rajen_kk
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Tue Nov 18, 2008 5:50 am

Re: How to use LDAP feature in J! 1.5 ?

Post by rajen_kk » Wed Nov 26, 2008 7:05 am

Hey Guys!

I am trying to use LDAP Authertication in my Joomla Website
i am using Joomla 1.5 and My Company LDAP server
here is the Authentication-LDAP page's setting

Host - My Ip address
Port -389
LDAP V3 - Yes
Authorisation Method - Bind and Search
Base DN - ou=people, O=mycompanyname
Search String - uid=[search]
Map: Full Name - fullName
Map: E-mail - mail
Map: User ID - uid

i also uncomment "extension=php_ldap.dll" from \xampp\php

When i try to login with my LDAP id and password i only receive a Blank page

Can some one tel me where i go wrong? what setting i missing?
Any Documentation or settings to trouble this "Blank Page error"?

Kindly help me on this
Thanks in Advance
Raj

Jesper L
Joomla! Intern
Joomla! Intern
Posts: 65
Joined: Thu Sep 14, 2006 9:48 am
Location: Denmark

Re: How to use LDAP feature in J! 1.5 ?

Post by Jesper L » Wed Nov 26, 2008 7:35 am

I´m getting this error too. Almost reaching the point of giving up, and I´m currently installing a Ubuntu server. The most effective plugin for that at the moment should be the Plexel extension by http://www.ioplex.com. Supports group policies and SSO.

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Thu Nov 27, 2008 12:33 am

Blank page is a bit weird, in your phpinfo (help -> sys info -> php info) does it list the LDAP extension there as well?
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

rajen_kk
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Tue Nov 18, 2008 5:50 am

Re: How to use LDAP feature in J! 1.5 ?

Post by rajen_kk » Thu Nov 27, 2008 3:13 am

hi Pasamio, Thanks for your Quick reply

i only can see LDAP in

Help-> System Info -> PHP Information
apache2handler->Loaded Modules->util_ldap

is it the correct setting?
What step/Setting i have to do to make my LDAP work?

i am using 2 type of Authentication to Login
1) Authentication-joomla
2) Authentication -LDAP

Authentication-Joomla is working fine with my Admin Id and Password but when i try to use my LDAP id and Password to Login i receive a 'Blank Page'

Please Advice me on this
Thanks in Advance
Raj

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Thu Nov 27, 2008 3:31 am

You should have something like this somewhere in your phpinfo listing, it should have a reasonable sized heading similar to something like 'gd', 'zlib','SimpleXML' or 'xml' to name a few that you might have installed. If it isn't there then you don't have LDAP in your PHP instance and you need to insall it. I suggest that you consult with the provider of your Apache install to find out what you would need to get LDAP up and running.

When things are good you should get output similar to the following:
phpinfo wrote:ldap
LDAP Support enabled
RCS Version $Id: ldap.c, v 1.161.2.3.2.12 2007/12/31 07:20:07 sebastian Exp $
Total Links 0/unlimited
API Version 3001
Vendor Name OpenLDAP
Vendor Version 20224
I did a quick Google on "xampp php ldap" and found the following as the first result which may get you out of trouble:
http://www.rawiriblundell.com/?p=224

In the past I've typically added the PHP extension directory to the Windows path to avoid having to copy stuff halfway around the operating system, so that might work as an alternative. I haven't used Windows much as I use either Mac OS X or Linux primarily at either work or home.
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

rajen_kk
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Tue Nov 18, 2008 5:50 am

Re: How to use LDAP feature in J! 1.5 ?

Post by rajen_kk » Thu Nov 27, 2008 7:28 am

Hi Pasamio,

Thanks alot for your help.ITS WORKING NOW
i manage to login with my LDAP ID and Password.
your google link was really helpful for me to get this done

Thanks to all :)

My mistake was ...
i didnt uncommand the ;extension=php_ldap.dll in \apache\bin\php.ini
i only did it in \xampp\php

DirtySnipe
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Tue May 27, 2008 11:43 am

Re: How to use LDAP feature in J! 1.5 ?

Post by DirtySnipe » Tue Jan 06, 2009 12:30 pm

pasamio wrote:Joomla! doesn't store passwords automatically for external authentication systems. You could write a plugin that grabbed the password and stored it where you needed yourself. You can also grab the password directly from the LDAP directory as well.

Has anyone created a plugin so it captures the password aswell??

I need it to save passwords from LDAP aswell.

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Tue Jan 06, 2009 1:54 pm

Well you'd first need a plugin to get the password, you'll be wanting an authentication plugin since its the only place where the password is given in plain text. The problem with this is that you aren't going to know the result of the other authentication methods, so you're going to have to put that password somewhere temporarily until you get an onLoginUser event in your user plugin you're going to need (onLoginUser gets called whenever a user is about to be logged in, in the joomla plugin the users session is created; there is also a onLoginFailure event as well for when the auth doesn't go through and you can wipe out your temporary copy). You're also going to want somewhere to put them and work out what format you want it in (plain text? if so what are the security implications).

The one thing I have toyed with is building a cut down IDM system though I haven't had the spare time to do it (its an unfunded wishlist item, at the bottom of my list as nothing really requires it now but it'd be useful).

Depending on what you want you could probably build something basic in half a day or so that does the job for you.
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

DirtySnipe
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Tue May 27, 2008 11:43 am

Re: How to use LDAP feature in J! 1.5 ?

Post by DirtySnipe » Tue Jan 06, 2009 3:00 pm

If I had the php knowledge then I would gladly put the time in to do it. But I havn't a clue.

hmsdexter
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Sun Oct 26, 2008 7:02 am

Re: How to use LDAP feature in J! 1.5 ?

Post by hmsdexter » Mon Jan 12, 2009 2:50 am

One more preson struggling to get LDAP working with AD on a W2k server

I am working on integrating our local intranet with our active directory server,
with the following configuration, i get an error saying:

Code: Select all

Username and password do not match or you do not have an account yet.
My config looks like this:

Code: Select all

Joomla version:
Joomla! 1.5.7 Production/Stable [ Wovusani ] 9-September-2008 23:00 GMT

Host: domain1.xxxx.com
Port: 3268
LDAP v3: YES
Negotiate TLS: NO
Follow Referrals: NO
Auth Method: Bind and search
base dn: DC=domain1,DC=xxxx,DC=com
Search String: sAMAccountName=[search]
user's DN:

Connect Username: CN=Joomla,CN=Users,DC=domain1,DC=xxxx,DC=com

Map: Full Name: displayName
Map: eMail: mail
Map: userid: sAMAccountName
How do i determine at which point the authentication fails, and is there any obvious misconfiguration in my LDAP plugin.

notes
The AD server is part of a bigger network and replicates with two other domains


thanks

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Mon Jan 12, 2009 3:01 am

Try JDiagnostic and see how you go with it:
http://joomlacode.org/gf/project/pasami ... ge_id=2519
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

nunoragil
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Mon Jan 12, 2009 4:28 am

Re: How to use LDAP feature in J! 1.5 ?

Post by nunoragil » Mon Jan 12, 2009 4:45 am

Hi ppl,

I'm trying to setup LDAP authentication on a windows 2003 server, with IIS6 and Apache Directory Service for Joomla 1.5.8.

These are my LDAP settings in Joomla:
Host: localhost
Port: 10389
LDAP V3: Yes
Negotiate TLS: No
Follow referrals: No
Authorisation Method: Bind and search
Base DN: ou=system
Search String: cn=[search],ou=users,ou=system
User's DN:

Connect username: uid=admin,ou=system
Connect password: something

Map: Full Name: cn
Map: E-mail: mail
Map: User ID: uid

When I try to login in Joomla with user gptadmin it keeps returning: Username and password do not match. I am sure that username and password are correct.

My LDAP structure is as follows
ldap.PNG
Any ideas would be appreciated. Cheers!
You do not have the required permissions to view the files attached to this post.

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Mon Jan 12, 2009 5:09 am

Have you tried getting JDiagnostic (I posted a link above) and running through its diagnostics?

You can read about the diagnostics available here and download from the above link:
http://sammoffatt.com.au/os/index.php/j ... diagnostic
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

nunoragil
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Mon Jan 12, 2009 4:28 am

Re: How to use LDAP feature in J! 1.5 ?

Post by nunoragil » Mon Jan 12, 2009 7:01 pm

Hi pasamio,

Thx for your answer.
It seams that I need to Bind directly as user in order for it to work.
Sorry for the question, but can anyone explain me what is the difference between "bind directly as user" and "bind and search"? Sorry but Im a newby to both Ldap and Joomla ;-)

Cheers

pasamio
Joomla! Ace
Joomla! Ace
Posts: 1318
Joined: Thu Aug 18, 2005 9:27 am
Location: San Jose, CA, USA
Contact:

Re: How to use LDAP feature in J! 1.5 ?

Post by pasamio » Tue Jan 13, 2009 12:39 am

Bind basically takes the username provided and subtitutes it into [username] of the users dn and attempts to bind to the server with those credentials. This works if you've got something you can easily substitute to build a DN (e.g. all in one container or all in one site for Active Directory (JDiagnostic configures the UPN to bind with on AD by default)).

Bind and search binds to the directory as the connect username and password (again with the user's dn replaced out) and then searches from the base DN for a DN that matches the search params. This will work for most directories that allow anonymous binds to search for information, which is usually where most Active Directory users fall over. AD doesn't permit anything beyond a Root DSE bind for anonymous users so a search by an anonymous user in AD goes no where. To use this option with AD you need to feed it some form of a user account to let it then bind successfully to the server and find the appropriate user.

Depending on what you want to achieve will also decide how you configure your settings. For example most users will find the first option works fine for them with AD (and most directories for that matter) however if you want to do stuff like SSO with AD and JAuthTools then the bind and search option is required since with SSO we don't have the users password, just their name so we need to bind as someone else to find them.
Sam Moffatt
Updater, Installer and Authentication Systems
JoomlaCode Backend Systems
Pie.

DirtySnipe
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Tue May 27, 2008 11:43 am

Re: How to use LDAP feature in J! 1.5 ?

Post by DirtySnipe » Tue Jan 13, 2009 9:16 am

DirtySnipe wrote:
pasamio wrote:Joomla! doesn't store passwords automatically for external authentication systems. You could write a plugin that grabbed the password and stored it where you needed yourself. You can also grab the password directly from the LDAP directory as well.

Has anyone created a plugin so it captures the passwords??

I need it to save passwords from LDAP aswell.

(Still an unanswered post...)


Locked

Return to “Joomla! 1.5 Coding”