JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

This forum is for general questions about extensions for Joomla! 2.5.

Moderators: pe7er, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
Hobbes99
Joomla! Apprentice
Joomla! Apprentice
Posts: 13
Joined: Sun Sep 12, 2010 10:56 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Hobbes99 » Thu Oct 02, 2014 8:58 pm

Kiran cheema wrote:Is autocreate enabled? And have you tried enabling the messages in the shlog plugin? (Or checked the log files for messages?)
Hi there Kiran,

Thanks so much for responding - I think I've got it working now.

To answer your questions (though perhaps not relevant any more), 'User Autoregister', which I think is what you were referring to(?) was set to 'Override True'. The 'SHLog - LDAP' plugin was enabled, though I wasn't sure how to retrieve/locate the logs (still not, actually).

As it is, I think I had simply overlooked that the 'Authentication - User Adapter' plugin was disabled. Enabling this seems to have fixed my issue. I don't know how I'd missed that, though it maybe didn't cross my mind because it was happily creating user accounts under HTTP. That, and the fact that there are a number of different Authentication plugins. I think I'd assumed that it was using 'Authentication - Joomla' instead.

Anyway, thanks ever so much for taking the time to respond - it's very much appreciated.

Best wishes.

User avatar
Kiran cheema
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 153
Joined: Fri Nov 23, 2007 11:18 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Kiran cheema » Fri Oct 03, 2014 8:05 am

ah yeap that would do it!

To access the logs you need to ftp to the /logs folder in your install and have a look in there, there are 3 log files ldap.debug ldap.error and ldap.info

Hobbes99
Joomla! Apprentice
Joomla! Apprentice
Posts: 13
Joined: Sun Sep 12, 2010 10:56 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Hobbes99 » Fri Oct 03, 2014 2:14 pm

Kiran cheema wrote:To access the logs you need to ftp to the /logs folder in your install and have a look in there, there are 3 log files ldap.debug ldap.error and ldap.info
Right you are! (in my case the /log folder - /logs was empty - must have been doing my Stevie Wonder impression) :-[ Thanks again, Kiran.

User avatar
Kiran cheema
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 153
Joined: Fri Nov 23, 2007 11:18 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Kiran cheema » Fri Oct 03, 2014 3:24 pm

no worries, the logging needs to be enabled in the plugin too and you may want to check the log path in the main Joomla config

Classfan
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Mon Jul 07, 2014 1:26 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Classfan » Thu Oct 09, 2014 1:38 pm

Hi there,

I got one more problem:

LDAP - works 100%
SSO - can't get frontend edit for articles to work.

If i click on "edit" while SSO is active, the page just reloads.
By using the "Bypass URL Key" to disable sso, it works.

Is the SSO plugin not compatible with frontend edit or is my configuration wrong?

Config:
Joomla 3.3.1
2.0.1.16.
AD on a Windows Server 2008 R2
Apache (with mod_authnz_sspi module for SSO) on Windows

*Edit: Seems like I could fix it, "Force Login" has to be disabled to get frontendedit to work.

rfi
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Thu Oct 30, 2014 1:49 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by rfi » Thu Oct 30, 2014 1:56 am

Hi,

I'm trying to configure JMapMyLDAP with Active Directory Lightweight Directory Services. I get the following error when testing my configuration:
:: PHP LDAP Debug 2.0.1.16 Script Started ::

Switching on full PHP LDAP debug (outputs to web server log).
Attempting LDAP connection with [redacted].local:389...
Attempting to find the distinguished name for user [redacted]...
Successfully found distinguished name [redacted].

[10112] An LDAP read operation failed. (32) No such object.


:: PHP LDAP Debug 2.0.1.16 Script Finished ::


Is there a way to identify what object the LDAP read operation is having trouble with?

Thanks for your help,
Ray.

sincar
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Nov 14, 2014 9:33 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by sincar » Fri Nov 14, 2014 10:08 am

Hi, all! And many thanks in advance for your help!

I've an installation of J!2.5.24 with Shamanic Platform 2.0.1.16 on Ubuntu/LAMP binded to a Windows Server 2008 R2 ActiveDirectory. All is fine with LDAP module, using SSO module, instead, the user is recognized, but Group Mapping doesn't work, I'm always Registered user.

Does anyone helps me with this issue?

Many thanks
Sincar

[list]
Ubuntu 14.04.1
Apache 2.4.7 with MOD-AUTH-NTLM-WINBIND
PHP 5.5.9-1ubuntu4.3
Shmanic platform 2.0.1.16
J! 2.5.24 (fresh installation)
[/list]

SSO Settings
[list]Authorise User yes
Auto Register yes
Backend SSO no
Force Login yes
Bypass URL Key sso
Startup Behaviour always try
Form Tasks
user.login
sso.login
ldap:version 2.0.1.16
platform:version 2.0.1.16
[/list]


SSO - HTTP (ver. 2.0.0.400)
[list]User Key REMOTE_USER
Username Replacement ACME+
[/list]

Group Mapping (ver. 2.0.1.16)
[list]Sync on Login yes
Abort Login yes
Sync Groups Pull only
Registered Group Registered
Mapping List
...
CN=Group1,CN=Groups,DC=acme,DC=local:9
CN=Group2,CN=Groups,DC=acme,DC=local:10
...

Lookup Type forward
Memberof Attribute memberOf
Member Attribute member
Member DN Attribute dn

Use Recursion no
DN Attribute distinguishedName
Max Depth 0
[/list]

APACHE CONF
[list]
...
<Directory "/var/www/html">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
AuthType NTLM
require valid-user
</Directory>
...
[/list]

djillusions
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Sat Sep 20, 2014 6:58 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by djillusions » Wed Nov 26, 2014 3:34 am

The JMapMyLdap Module became unresponsive on our site, it would not load or allow us to change any settings. In an attempt to rectify the issue I tried to remove the module and reinstall it however I can now no longer access the front or backend of the site and get the following error:

Code: Select all

1146 Table 'cws_.t2oxp_sh_config' doesn't exist SQL=SELECT `name`,`value` FROM `t2oxp_sh_config` ORDER BY `id` 
Please help me resolve this issue!!!

simplysunjyest
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Thu Dec 04, 2014 4:44 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by simplysunjyest » Thu Dec 04, 2014 4:59 am

Hi,

I am trying this on Joomla 3.3.6 and JMAPLDAP (version 2). We have two LDAPs on completely two different hosts/domains (one for students and one for Staff).

When I was doing LDAP proxy bind tests (Test/Debug), both the staff and student accounts are successful.

But on the home page, only students can login and their records are created in Joomla.

When I try to login with Staff account with correct login details I am presented with a Warning message: You cannot access the private section of the site. Also there is no account created in the database.

When I enter wrong password for staff, it says the password is incorrect... which means it is validating against LDAP but some how its not creating the user account for staff.

Can you tell me where I'm going wrong?

ares202
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu Dec 04, 2014 10:53 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by ares202 » Thu Dec 04, 2014 10:56 am

Hi, I am hoping you might be able to provide me some assistance in integrating your Joomla LDAP plugin on my Joomla site.

I am attempting to integrate my Active Directory LDAP server with my Joomla 3 site. I want all users on a particular domain to be able to login to the Joomla site, and also be registered on the Joomla frontend when they first login. I have installed shamanic 2 platform and followed the ‘Getting started’ ‘configuring LDAP’ and ‘Configuring SSO’ guides on the shamanic website.

My Joomla site is now able to authenticate via LDAP for users that are already registered into Joomla, and SSO is working perfectly, however for users that aren’t registered I am given the error ‘username or password is incorrect’ and nothing is logged in in the LDAP log on the server with debugging options enabled.

I have configured the setting in shamanic config > base settings > use autoregister as ‘override true’ is that all that is required? or do I need to configure the creation plugin as described here?

http://shmanic.com/tools/jmapmyldap/doc ... plugin.htm

Any assistance would be very much appreciated. Thanks

nerdican
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Mon Dec 29, 2014 9:55 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by nerdican » Wed Jan 14, 2015 6:32 pm

I have been getting errors and problems with SSO.

2015-01-14T17:53:08+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:55:42+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:55:55+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:56:37+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:56:38+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:58:48+00:00 15068 No SSO detection plug-ins found.
2015-01-14T17:58:53+00:00 15068 No SSO detection plug-ins found.
2015-01-14T18:00:49+00:00 15068 No SSO detection plug-ins found.
2015-01-14T18:04:16+00:00 15068 No SSO detection plug-ins found.
2015-01-14T18:12:24+00:00 15068 No SSO detection plug-ins found.


I am having the problem with Joomla 3.3.6 and JMapMyLDAP v.2. LDAP works great but I cannot get the SSO function to work when turned on however the dummy.sso feature works.

I am running Ubuntu Server 14.04, Apache2, PHP Version 5.5.9-1ubuntu4.5

Loaded Modules core mod_so mod_watchdog http_core mod_log_config mod_logio mod_version mod_unixd mod_access_compat mod_actions mod_alias mod_auth_basic mod_auth_kerb mod_authn_core mod_authn_file mod_authnz_ldap mod_authz_core mod_authz_host mod_authz_user mod_autoindex mod_deflate mod_dir mod_env mod_filter util_ldap mod_mime prefork mod_negotiation mod_perl mod_php5 mod_proxy mod_proxy_http mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status

Could really use some help to point me in the right direction of what to look at next?

gillecaluim
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Feb 22, 2013 9:58 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by gillecaluim » Fri Feb 20, 2015 7:06 pm

I'm trying to get the group mapping plugin working. I'm able to authenticate a user against a AD and login but the group mapping plugin only maps AD groups to existing joomla groups. I thought it would create new joomla groups if they didn't exist to completely sync the users group memberships?

mscruse
Joomla! Apprentice
Joomla! Apprentice
Posts: 27
Joined: Thu Oct 19, 2006 2:31 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mscruse » Tue Apr 21, 2015 1:52 am

Hi all.

I'm looking to implement LDAP for a client, but there is one question I can't find the answer for.

When a user is logged in (authenticated via LDAP) will they be able to edit their profile to update their password and email address (if I create a menu item link to Edit Profile)???

Many thanks
Michael.

User avatar
lekankou
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Thu Jan 20, 2011 4:11 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by lekankou » Fri Jun 05, 2015 3:43 pm

Hello all and mainly mscruse !

I'm a user of the version1 of jmapmyldap and I just installed the version2 because I want the members of my site can modify their own passwords and e-mail.
With the plugin 'LDAP - Password' I can modify the password in the LDAP from the site but I can't modify my e-mail.

I have the plugin 'LDAP - Group Mapping' published and in 'Shmanic LDAP: Host Config' I have specify the LDAP attribute.
The group mapping works when I log into my site (from LDAP to Joomla) but I can't modify (from Joomla to LDAP) only password modification works.

Is it possible to modify email from the site to the LDAP ?
how and where ?
With the plug-in 'LDAP - User Creation' or 'LDAP - Injection' (or somewhere else) ?

@mscruse : did you find how to do this ?

Please help me, I need help !!

Thank you for your answer(s) and sorry for my bad english (I'm french...).

Have a nice week-end !

LeKankou
LeKankou
(a friendly french guy)

dc03kks
Joomla! Apprentice
Joomla! Apprentice
Posts: 12
Joined: Wed Mar 02, 2011 5:49 am

Re: JMapMyLDAP - LDAP for 3.4

Post by dc03kks » Fri Jun 12, 2015 12:44 pm

Hi guys
i m using the amazing component
http://shmanic.com/tools/jmapmyldap/news.htm#11
for logging LDAP users. but i cant make it to work... :(

Project
I m working a project on joomla 3.4.1 for a University that wants that users will never register from joomla default registration. I m playing from localhost in an apache server. the site its not in the airt at the moment to give u access... :(
(so i have set from joomla user configuration the allow user registration to No .)

only the existing ldap users will login to the site and automatically will be created in the registered joomla user group...that is the main aim!!

I hope u understand so far...

My problem is that i m not familiar with the ldap and the configuration of your amazing component.

I was wondering if you can help me and any help would be really appreciated...

Data,
for testing i have an ldap server that i m connecting through Apache Directory Studio see attached files 1 , 2 and 3...
Image
Image
Image

Please some help cause i dont know what to do... :'(

thank you in advance ,,

mbeck_mic
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Jun 12, 2015 7:42 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by mbeck_mic » Fri Jun 12, 2015 9:54 pm

Hi there,

I've inherited an existing Joomla installation which works for the most part. It juses JMapMyLDAP to connect to our Active Directory. We use it for an employee roster. We have groups for location, function and level.

Here is the problem: We added a new location. It is the only location that shows an n/a in the results when I look at the roster. I have the mapping list set up correctly as near as I can tell... the entry is CN=SITE_CW:73, where SITE_CW is our new location and 73 is the Joomla group number. I can see the group being filled by Joomla in AD.

When I go and look at a person in the roster, it does not show that it has properly switched the employee over to the new location - it still shows the old location.

Does anyone have any suggestions as to what is going on?

Thanks in advance,
Michael

rainstormza
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu Jul 02, 2015 4:38 am

Re: JMapMyLDAP - LDAP for 3.4

Post by rainstormza » Wed Jul 08, 2015 5:45 am

dc03kks wrote:Hi guys
i m using the amazing component
http://shmanic.com/tools/jmapmyldap/news.htm#11
for logging LDAP users. but i cant make it to work... :(

Project
I m working a project on joomla 3.4.1 for a University that wants that users will never register from joomla default registration. I m playing from localhost in an apache server. the site its not in the airt at the moment to give u access... :(
(so i have set from joomla user configuration the allow user registration to No .)

only the existing ldap users will login to the site and automatically will be created in the registered joomla user group...that is the main aim!!

I hope u understand so far...

My problem is that i m not familiar with the ldap and the configuration of your amazing component.

I was wondering if you can help me and any help would be really appreciated...

Data,
for testing i have an ldap server that i m connecting through Apache Directory Studio see attached files 1 , 2 and 3...
Image
Image
Image

Please some help cause i dont know what to do... :'(

thank you in advance ,,


try this

LDAP V3 : Yes
User DN / Filter : uid=[username]

SoulmatJF
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Jul 31, 2015 9:20 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by SoulmatJF » Fri Jul 31, 2015 9:25 am

Hi,

I'm using JMapMyLdap (it works, impossible to work in LDAPS, so we were forced to use LDAP protocol...) and we always have a error message at the backend. After logging with local admin joomla, i'v got the error message saying me "Failed to find LDAP user" at the backend page.

How could i just make an exception for this local account in order to avoid the LDAP checking on it ?

Thank you very much for helping !

katarrah
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu Oct 08, 2015 1:56 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by katarrah » Thu Oct 08, 2015 2:02 pm

Hello,
i have some problems with the configuration of the LDAP.
I get the error "[0] No attributes found for test user."

In the ldap.debug error log is:

2015-10-08T13:49:32+00:00 101 Attempting connection to LDAP with host xxxxx
2015-10-08T13:49:32+00:00 101 Successfully connected to xxxxx. Setting the following parameters: ldapV3
2015-10-08T13:49:32+00:00 101 Successfully connected.
2015-10-08T13:49:32+00:00 101 Attempt to retrieve user distinguished name using 'uid=LDA,ou=Kunden,dc=xxxx,dc=de' with direct bind.
2015-10-08T13:49:32+00:00 101 Successfully authenticated LDA with distinguished name uid=LDA,ou=Kunden,dc=xxxx,dc=de.
2015-10-08T13:49:32+00:00 101 Closed connection.

The Login is working but i cant assign the usergroups in J! with the group mapping plugin.
I think its because of the error in the ldap config.

Can someone give me a hint how to get it work?

lacinfosys
Joomla! Apprentice
Joomla! Apprentice
Posts: 27
Joined: Fri Mar 28, 2014 1:10 am

Re: JMapMyLDAP - LDAP Password Change J3.4.4

Post by lacinfosys » Tue Oct 13, 2015 10:12 pm

Hi ShMaunder,

Are you the developer of shmanic LDAP for Joomla?

I just have a quick question and sorry to hijack this post for LDAP Group Mapping but I don't know how to get your attention if I create a new topic. Unless of course if you are one of this forum's administrator.

Anyways, we were able to install and make Shmanic LDAP v2 working with AD with LDAPS (quite a config to make it work properly). Now we're stuck with making the password change work properly with current password injection enabled. I keep on getting:

(50) Insufficient Access

But if I turn off Current Password Injection, I am able to change my password. For security purposes, we'd like to ask the user to enter Current Password before changing it.

Question is:

Does the Proxy User needs to have a read and write access to the Active Directory?
- If Yes, I tried to use a server administrator account but I am getting the same error.

Any suggestion?

Thanks,

Jackson

pcproffitt
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Tue Oct 18, 2005 1:33 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by pcproffitt » Mon Nov 09, 2015 9:00 pm

JMapMyLDAP Profile Plugin question:

Per Github information I successfully created a profile that works. The information on github seems to indicate that there should be / can be a language file associated with the profile. The profile goes in a directory defined in the plugin. But nothing seems to indicate where to put the language file. I've tried the obvious and not so obvious. I've tried:

Directories:
[my defined path for the profile as defined in the plugin as the base]
language/en-GB/
administrator/language/en-GB

Filenames: (for reference assume the profile is named 'my profile' in the plugin)
profile.ini
en-GB.profile.ini
en-GB.plg_ldap_profile.ini

Anyone successful in using a language file with the profile defined in the profile plugin?

k3f59
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Jan 29, 2016 4:36 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by k3f59 » Fri Jan 29, 2016 4:43 pm

Hello,
I try to run the SSO with Joomla since yesterday but it doesn't work.
When the sso is on, if I connect to my site I get a 500 error.
Looking at the httpd error_log, I have this message:
PHP Fatal error: Class 'SHLdap' not found in /var/www/html/joomla/plugins/sso/edirldap/edirldap.php on line 97
To connect I use http://myserver/joomla/index.php?nosso=2
The ldap modules and managing group work well.
I use CentOs with Joomla 3.4.8.
Could someone help me?
Thank you

gabriel_nazario
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Tue Feb 23, 2016 5:45 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by gabriel_nazario » Thu Feb 25, 2016 12:47 pm

I use Joomla version 3.4.8 and the Shmanic component version 2.0.3.1. I also have a user base in AD (Active Directory) accounting for nearly 13,000 users. Out of these, the majority is mapped in the group “Registered” in Joomla and, besides the standard groups of Joomla, I have some groups with different access levels to the back-end (users are mapped using the plugin “LDAP – Group Mapping 2.0.3.1”).

Everything was going fine, but a few days ago I started facing problems with some users’ login. When they try to login (either in the back-end or in the front-end) the screen is updated, but the login doesn’t actually take place, i.e., the user remains unlogged, even after typing the right user and password. It occurs with just a few users randomly; whereas others in the same group are able to login normally. Moreover, no message of error or warning, indicating the reason for the action not to occur, appears.

As an attempt to find the cause of the problem, I decided to take the user out of the AD group it belonged and place him/her in a group mapped for “Super User”. This way, he/she could login. After that, I took the user back to his/her original group and the login kept failing.

The log files do not show any errors. On the contrary: they present the attempts to login as successful. The attached log files (ldap.debug.php, ldap.error.php, ldap.info.php) show the messages displayed for the users that could not login.

Any ideas of what might be happening? Has any other user reported similar problems?
You do not have the required permissions to view the files attached to this post.

joshuatan17
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Fri Jun 20, 2014 6:37 am

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by joshuatan17 » Thu Mar 10, 2016 12:01 pm

Hi Shaun & Everyone,

I like to find out from you some info regarding your extension.

1) Multiple AD Servers Authentication
There are 3 different AD servers each with different sets of users. If I enter all of them in the LDAP configuration, will it work?

2) I have a site running on Windows 7 with XAMPP. If I can enable sspi, will SSO work for/from windows desktop users?

3) If I transfer the site to a RedHat server, may I know what is needed for SSO to work?

Your fast response is highly appreciated!

Avastor
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Thu Apr 07, 2016 6:12 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by Avastor » Tue Apr 12, 2016 10:29 pm

I'm having a problem logging off SSO.

For example: on my first login... I login as an admin, then logout as an admin, then login as a different user/non-admin, then logout as the different user, but then I am automatically logged back in as an admin.

When I logout of any other account, I want to be completely logged out; I do not want to be logged in as my first SSO login. Is this possible? Thank you.

Edit: Something interesting I discovered. When I append index.php?nosso=2 at the end of my URL, then logout, I am completely logged out (not sure if I have to be on a different page from my login form for this to work). I am not sure if this the correct or easiest way though.

intranet_admin
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Fri Apr 10, 2015 1:20 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by intranet_admin » Thu Apr 14, 2016 11:36 am

Hi everyone,

Currently all of my users are pulled via JMapMyLDAP from Active Directory into Joomla. By default, they are assigned to the Registered group and any other groups specified. More recently, I tried to set up a higher level access than Registered - let's call it Guest. The idea was to open up some pages of our otherwise private website to some of our suppliers. I then changed default access to the site to Guest as well as all relevant menus/modules. Using a test account (not linked via JMAP), this worked.

However, now I've set up JMAP to pull in appropriate users into my new user group (and I was hoping, access level); I've realised that all users are assigned to the Registered access level by default and therefore the new 'Guests' can see everything assigned to the Registered user group (even though I have not specified that they should be able to view this access level in their user group settings).

My question: Is there a way of changing the default user group that users are assigned to when pulled in via JMAP to a higher level than Registered? Otherwise I'm thinking I'll need to create a new user group underneath Registered, switch everything on the site to that and then use Registered as the default Guest access. Which would be a very long process!

I'm sure there's a way - any help/advice much appreciated :).

Thanks, Sophie

dav_plan
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Aug 10, 2016 1:33 pm

Re: JMapMyLDAP - LDAP Group Mapping for 1.6 / 1.7

Post by dav_plan » Wed Aug 10, 2016 1:45 pm

Hello,

We are currently installing an intranet within our company.
To be more specific, joomla 3.6.2 on linux (centos)

Our users will connect via LDAP SSO on joomla

We installed the JMapMyLDAP plugins for LDAP and SSO
Ok for LDAP authentication, it's ok.

But, for SSO, you can not make it work.
In the logs we have: "No detection SSO plugins found"
While the plugin is correctly installed with the user key and the username replacement.
If we test dummy via, authentication is ok with in the logs:
"Successfully detected user" username "using SSO plug-in PlgSSODUmmy"

Httpd.conf is configured this way:

# Directory of "sitename"
<Directory "/ var / www / html / sitename">
#
# Possible values ​​for the Options directive are "None", "All",
# Or Any combination of:
# Indexes Includes FollowSymLinks MultiViews SymLinksIfOwnerMatch ExecCGI
#
# Note That "MultiViews" must be named * * Explicitly --- "All Options"
# Does not give it to you.
#
# The Options directive is Both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# For more information.
#
Options Indexes FollowSymLinks

#
# AllowOverride controls what directives May be Placed in .htaccess files.
# It can be "All", "None", or Any combination of the keywords:
# Options FileInfo Limit AuthConfig
#
AllowOverride None

#
# Controls Who can get stuff from this server.
#
AuthType Kerberos
AuthName "Joomla Secure Login"
It KrbMethodNegotiate
It KrbMethodK5Passwd
KrbAuthRealms "domainname"
Krb5KeyTab /etc/krb5.keytab
require valid-user

</ Directory>

Do you have an idea ?

thank you ! ;)

pehu
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Fri Feb 03, 2017 1:40 pm

Re: JMapMyLDAP - User Filter

Post by pehu » Fri Feb 03, 2017 2:01 pm

Hello,

I'm going to use this plugin. I configured the LDAP Host successfully.
It is an openldap server (ubuntu).
The user filter is '(memberof=cn=joomla,ou=groups,dc=domain,dc=tld)'.
If I test/debug the ldap configuration, the debugging output says:

Attempting to get users using the All User Filter...
Found 3 users.

This is valid. I can log in as an user who is in this group. Ok.
But I can also log in as an user who is not in the group. This
is not right. Which configuration option prohibit this?

Thank you very much.


Locked

Return to “Extensions for Joomla! 2.5”