AuthenticationPluginLdap and
Posted: Thu 02 of Jul, 2009 (00:17 UTC)
Not sure if this is the correct place to post, but here goes.
I have seen a couple of posts about getting BitWeaver to authenticate against Active Directory. I have successfully managed to get this to work with a few modifications to AuthenticationPluginLdap. BTW I'm using the latest version pulled from CVS last week.
In function validate
After the block starting with:
if ( $this->mConfig['reqcert'] ) {
I added the following:
// added this as the correct name is start_tls and when tls is unchecked is null
if ( is_null($this->mConfig['tls']) == true) {
    $this->mConfig['start_tls'] = false;
}
else {
    $this->mConfig['start_tls'] = true;
}
// added this as when referrals is unchecked is null
if ( is_null($this->mConfig['referrals']) == true) {
    $this->mConfig['referrals'] = false;
}
else {
    $this->mConfig['referrals'] = true;
}
// added this to pull all properties from Active Directory
$this->mConfig['attributes'] = (array) null;
I replaced the line:
$attributes = $a->getAuthData('attributes');
with:
$attributes = $a->getAuthData();
I replaced the lines:
$this->mInfo["login"] = $attributes[ $this->mConfig['userattr'] ][0];
$this->mInfo["email"] = $attributes[ $this->mConfig['email'] ][0];
$this->mInfo["real_name"] = empty($attributes[$this->mConfig['name']][0]) ? $this->mInfo["login"] : $attributes[$this->mConfig['name']][0];
with these:
$this->mInfo["login"] = $attributes[ $this->mConfig['userattr'] ];
$this->mInfo["email"] = $attributes[ $this->mConfig['email'] ];
$this->mInfo["real_name"] = empty($attributes[$this->mConfig['name']]) ? $this->mInfo["login"] : $attributes[$this->mConfig['name']];
In function getSettings
renamed 'users_ldap_useroc' to 'users_ldap_userfilter' and changed the 'default' to '(objectClass=inetOrgPerson)'
renamed 'users_ldap_groupoc' to 'users_ldap_groupfilter' and changed the 'default' to '(objectClass=groupOfUniqueNames)'
changed the type of 'users_ldap_memberisdn' to 'checkbox' and 'default' to 'n'
I guess it would help if I gave the settings that I used as well.
LDAP Host - someserver
LDAP Port - 389
Use Start-TLS? - unchecked
Skip the SSL Cert validation? - checked
Use Referrals? - unchecked
LDAP Base DN - dc=example,dc=com
LDAP User DN - ou=users
LDAP User Attribute - sAMAccountName
LDAP User E-Mail Address - mail
LDAP User Display Name - displayName
LDAP User OC - (objectClass=user)
LDAP Group DN - ou=somegroup
LDAP Group Atribte - sAMAccountName
LDAP Group OC - (objectClass=group)
LDAP Member Attribute - member
LDAP Member Is DN - checked
LDAP Bind DN - cn=some user,ou=somegroup,ou=users,dc=example,dc=com
LDAP Bind Pwd - secret
LDAP Scope to use when searching for users - sub
I have replaced some of these with dummy values.
I did notice that if a checkbox is unchecked then the value is set to null rather than false, and that the start_ is being stripped of start_tls.
Hope this helps someone somewhere.
Sorry for the long post.
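
The null-checkbox handling described in the post, combined with a check of what the posted settings mean for the connection, as an added example that is not part of the original post or of BitWeaver's code. The function names, the `port` key, treating `'n'` as unchecked, and reading a truthy `reqcert` as "skip certificate validation" are assumptions.

```php
<?php
// Added example, not BitWeaver code. Keys 'tls', 'start_tls', 'referrals' and
// 'reqcert' appear in the post; 'port' and the 'n' value are assumptions.

/** A checkbox counts as checked unless it is null, false, '' or 'n'. */
function isChecked($value): bool
{
    return !is_null($value) && $value !== false && $value !== '' && $value !== 'n';
}

/** Turn form values (null when unchecked) into strict booleans. */
function normalizeLdapCheckboxes(array $cfg): array
{
    // The form delivers 'tls'; the LDAP layer expects 'start_tls'.
    $cfg['start_tls'] = isChecked($cfg['tls'] ?? null);
    unset($cfg['tls']);
    foreach (['referrals', 'reqcert'] as $key) {
        $cfg[$key] = isChecked($cfg[$key] ?? null);
    }
    return $cfg;
}

/** Report what the normalized settings imply for credentials in transit. */
function auditLdapTransport(array $cfg): array
{
    $findings = [];
    $ldaps = ((int) ($cfg['port'] ?? 389)) === 636;
    $encrypted = $ldaps || $cfg['start_tls'];
    if (!$encrypted) {
        $findings[] = 'No LDAPS and no StartTLS: simple-bind passwords '
            . '(bind DN and every user login) cross the network in cleartext.';
    }
    if ($encrypted && $cfg['reqcert']) {
        $findings[] = 'TLS is enabled but certificate validation is skipped: '
            . 'the directory server identity is not verified.';
    }
    return $findings;
}

// Constructed input mirroring the settings listed in the post.
$posted = ['port' => 389, 'tls' => null, 'reqcert' => 'y', 'referrals' => null];
$cfg = normalizeLdapCheckboxes($posted);
var_dump($cfg['start_tls'], $cfg['referrals'], $cfg['reqcert']);
foreach (auditLdapTransport($cfg) as $finding) {
    echo $finding, PHP_EOL;
}
```

With the constructed input the three flags come out as `false`, `false`, `true`, and the audit reports the cleartext-bind finding; checking Start-TLS while leaving validation skipped would report the second finding instead.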