Topic: LDAP Integration

Hitman

LDAP Integration
« on: September 24, 2009, 03:31:39 pm »
I need help.

I need to be able to authenticate my OpenGoo users with my (Mac OS X) LDAP Server. I followed the instructions given by a user in the post "http://forums.opengoo.org/index.php?topic=2297.0" but I can't get this to work...

Here is what I did so far:

- Downloaded and extracted the patch in my OpenGoo Root directory.
- I placed every file in the patch into the right folders.
- Downloaded PEAR Net_LDAP2 v2.0.6.
- Extracted the content of Net_LDAP2 to the following directories:
       * LDAP2.php --> opengoo_root/library/PEAR/
       * LDAP2 folder --> opengoo_root/library/PEAR/Net
- Configured opengoo_root/config/ldap.config.php with the following settings:

 // The configuration array:
  $config_ldap = array (
      'basedn'    => 'cn=users,dc=serveur1,dc=dct,dc=com',
      'starttls'  => false,
      'port'      => 389,
      'version' => 3,
      'binddn'    => '',   
      'bindpw'    => '',
      'host'      => 'serveur1.dct.com',
      'uid'       => 'uid' //Change in according with your settings to match the userid entry
  );

I was able to connect to my LDAP tree using those settings in ldapbrowser so I think those settings are correct.

- In OpenGoo, I created a user whose id is the same thing as its uid in the LDAP tree.
- Restarted my web server.

Now, when I login with any username (local to OpenGoo or LDAP based), I only get a blank white page. And when I try to login with a username that does not exist in OpenGoo nor in LDAP, I get the "Failed to log you in" error message.

What am I doing wrong?

How can I debug this? I don't get any errors in LDAP.

I really hope someone can help me with this... OpenGoo seems to be a great product but we really need a solution that can bind to our LDAP server.

Goudal

Re: LDAP Integration
« Reply #1 on: October 15, 2009, 05:08:14 pm »
It seems that there is a bug in the search functions.
I have corrected the code a bit and it works:
In the function
       function isValidPasswordLdap($user, $password, $config) {
in the User.class.php file, the end of the function is now:

                if ($search->count() != 1) {
                    return false;
                }
                // Iterating the result yields DN => entry pairs; the empty loop leaves the DN in $dn.
                foreach ($search as $dn => $dummy) {
                }
                $bind_result = $ldap->bind($dn, $password);

                if (PEAR::isError($bind_result)) {
                    return false;
                }
                return true;
}

Then in the Access Controller.class.php I have added a test to keep the admin as a local user...

                            $userIsValidPassword = $user->isValidPasswordLdap($username, $password, $config_ldap);
                            if (!$userIsValidPassword) {
                                $userIsValidPassword = $user->isValidPassword($password);
                            }
                        } else {
                            $userIsValidPassword = $user->isValidPassword($password);
                        }
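
Added example, not part of the post above or of the OpenGoo patch: the same search-then-bind check written out in full with PEAR Net_LDAP2, rejecting empty passwords, escaping the login in the search filter and requesting StartTLS. The function name is hypothetical, the configuration keys are those of the `$config_ldap` array posted earlier in the thread, and StartTLS support on the server is an assumption.

```php
<?php
// Added example; not OpenGoo or patch code.
require_once 'Net/LDAP2.php';

/**
 * Hypothetical helper. $config uses the keys of the thread's $config_ldap.
 * Returns true only if the directory accepts $password for exactly one entry.
 */
function ldapPasswordIsValid($username, $password, array $config)
{
    // RFC 4513 section 5.1.2: a simple bind with a DN and an empty password
    // is an "unauthenticated bind", which a server may report as success.
    if (!is_string($username) || !is_string($password)
        || $username === '' || $password === '') {
        return false;
    }

    $uidAttr = $config['uid'];       // patch-specific key: attribute holding the login
    $config['starttls'] = true;      // assumption: the server supports StartTLS

    $ldap = Net_LDAP2::connect($config);   // binds as binddn, or anonymously if empty
    if (PEAR::isError($ldap)) {
        error_log('LDAP connect failed: ' . $ldap->getMessage());
        return false;
    }

    // Filter::create() escapes the value, so input such as "*" or ")(uid=*"
    // is matched literally instead of changing the search.
    $filter = Net_LDAP2_Filter::create($uidAttr, 'equals', $username);
    if (PEAR::isError($filter)) {
        return false;
    }
    $search = $ldap->search($config['basedn'], $filter);
    if (PEAR::isError($search) || $search->count() != 1) {
        return false;                // unknown user or ambiguous match
    }

    // Re-bind as the entry that was found; success proves the password.
    $bind = $ldap->bind($search->shiftEntry()->dn(), $password);
    if (PEAR::isError($bind)) {
        return false;
    }
    return true;
}
```

With the fallback shown in the post, an account that fails the LDAP check is still tested against its local OpenGoo password, so disabling an account or changing its password in the directory does not by itself lock it out.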





mixmax

Re: LDAP Integration
« Reply #2 on: November 28, 2009, 11:54:46 pm »
Just so everyone knows... I've just started working on adding LDAP authentication. Two screenshots attached. Hopefully, this will be ready for 1.7.

Pet

Re: LDAP Integration
« Reply #3 on: November 29, 2009, 12:51:02 am »
excellent!

Hitman

Re: LDAP Integration
« Reply #4 on: November 30, 2009, 10:24:23 am »
Yup, this is great!

markc

Re: LDAP Integration
« Reply #5 on: January 19, 2010, 09:29:03 pm »
> It seems that there is a bug in the search functions.
> I have corrected the code a bit and it works:
> In the function
>        function isValidPasswordLdap($user, $password, $config) {
> in the User.class.php file, the end of the function is now:
>
>                 if ($search->count() != 1) {
>                     return false;
>                 }
>                 // Iterating the result yields DN => entry pairs; the empty loop leaves the DN in $dn.
>                 foreach ($search as $dn => $dummy) {
>                 }
>                 $bind_result = $ldap->bind($dn, $password);
>
>                 if (PEAR::isError($bind_result)) {
>                     return false;
>                 }
>                 return true;
> }


I see what you've done with the test for the admin user (thanks for that!), but I don't understand what necessitated the patch to the search function? Accessing the data with a hard coded zero index should be okay since there was a prior test for there being only one returned result from ldap.

My setup is working without this search patch so I'm curious as to the logic.

Thank you,
Mark

allenlook

Re: LDAP Integration
« Reply #6 on: February 08, 2010, 10:06:20 am »
Very cool!  Can't wait for 1.7 :)
I am a volunteer moderator.  Any statements, opinions or observations I contribute are solely mine and are not necessarily shared by the makers of Feng Office.

zunix

Re: LDAP Integration
« Reply #7 on: May 23, 2012, 08:49:45 am »
Hey everybody, please, I need your help.

Actually, I installed fengoffice_2.0.0 and I managed to integrate it with LDAP.

1. I downloaded the patch and configured LDAP in ldap.config.php.

Here is the file:

<?php

  /**
  * ldap.config.example.php is sample configuration file for ldap authentication.
  * Rename it in ldap.config.php and change the values acconrding to your env.
  *
  * @author Luca Corbo <luca.corbo@2bopen.org>
  */
 
  // The configuration array:
  $config_ldap = array (
      'startrls' =  false,
      'binddn'    => 'uid=LDAP Admin,ou=System Accounts,dc=XXXX,dc=com',
      'bindpw'    => 'XXXXX',
      'basedn'    => 'ou=People,dc=XXXX,dc=com',
      'host'      => 'ldap://127.0.0.1:389',
      'uid'       => 'LDAP Admin' //Change in according with your settings to match the userid entry
  );
  return true;
 
?>

But when I tried to access it I get a blank page, and I tried to edit the code as you mentioned before but I failed and I still have the same problem. Please help me because I like this product and
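
Added example, not part of the post above or of Feng Office: a syntax error in an included PHP file is one cause of a blank page when error display is off, and the `'startrls' =  false` line in the file above is one (`=` where `=>` is required). The hypothetical `checkLdapConfig()` below loads a configuration file, reports a parse error instead of dying silently, and flags keys that do not appear in the configurations posted in this thread; the sample input is constructed.

```php
<?php
// Added example; not Feng Office code. Needs PHP 7+, where a syntax error
// in an included file is thrown as a catchable ParseError.

/** Hypothetical helper: returns a list of problems (empty if none found). */
function checkLdapConfig($file)
{
    // Keys that appear in the configurations posted in this thread.
    $known = array('basedn', 'starttls', 'port', 'version',
                   'binddn', 'bindpw', 'host', 'uid');
    try {
        include $file;               // defines $config_ldap in this scope
    } catch (ParseError $e) {
        return array('syntax error, line ' . $e->getLine() . ': ' . $e->getMessage());
    }
    if (!isset($config_ldap) || !is_array($config_ldap)) {
        return array('$config_ldap is not defined as an array');
    }

    $problems = array();
    foreach (array_diff(array_keys($config_ldap), $known) as $key) {
        $problems[] = "unknown key '$key' (typo?)";
    }
    foreach (array('host', 'basedn', 'uid') as $key) {
        if (empty($config_ldap[$key])) {
            $problems[] = "missing '$key'";
        }
    }
    // 'uid' is matched against the user id entry, so it should look like an
    // attribute name (letters, digits, hyphen), not like a display name.
    if (!empty($config_ldap['uid']) && is_string($config_ldap['uid'])
        && !preg_match('/^[A-Za-z][A-Za-z0-9-]*$/', $config_ldap['uid'])) {
        $problems[] = "'uid' does not look like an attribute name";
    }
    $host = (isset($config_ldap['host']) && is_string($config_ldap['host']))
        ? $config_ldap['host'] : '';
    if (empty($config_ldap['starttls']) && strpos($host, 'ldaps://') !== 0) {
        $problems[] = 'no StartTLS and no ldaps://: the bind password is sent unencrypted';
    }
    return $problems;
}

// Constructed sample reproducing the array line from the post above.
$tmp = tempnam(sys_get_temp_dir(), 'ldapcfg');
file_put_contents($tmp, "<?php \$config_ldap = array('startrls' =  false);\n");
print_r(checkLdapConfig($tmp));
unlink($tmp);
```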