Loading

LDAP authentication - I created!

You want to see a new feature?

Re: LDAP authentication - I created!

Postby snake-bis » 02.11.2009, 18:17

Ho, and to add the Email adress imported from LDAP to the profile :

Code: Select all
// ---------------- Start of LDAP authentication code ----------------
        $auth_type="ldap"; // Possible values: ldap | mysql
        $ldap_server="XX.XX.XX.XX";
        $base_dn="DC=domain, DC=local";
      $root_dn="domain\ldap";
      $pass_dn="password";

        if ($auth_type == "ldap"){
                if($connect=@ldap_connect($ldap_server)){ // if connected to ldap server
                        ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
                  ldap_set_option($connect, LDAP_OPT_REFERRALS,0);
                        // bind to ldap connection
                        if(($bind=@ldap_bind($connect , $root_dn, $pass_dn)) == false){
                                print "bind:__FAILED__<br>\n";
                                return false;
                        }

                        // search for user
                  if (($res_id = ldap_search( $connect, $base_dn, "samaccountname=$user")) == false) {
                                print "failure: search in LDAP-tree failed<br>";
                                return false;
                        }

                        // verify if there is only one entry of this user:
                        if (ldap_count_entries($connect, $res_id) > 1) {
                                print "failure: user $user found more than once<br>\n";
                                return false;
                        }
                        elseif (ldap_count_entries($connect, $res_id) == 1){
                        //print "pllllll";
                        //return false;
                                if (( $entry_id = ldap_first_entry($connect, $res_id))== false) {
                                        print "failur: entry of searchresult couln't be fetched<br>\n";
                                        return false;
                                }

                                if (( $user_dn = ldap_get_dn($connect, $entry_id)) == false) {
                                        print "failure: user-dn coulnd't be fetched<br>\n";
                                        return false;
                                }

                                /* Authentifizierung des User */
                                if (($link_id = ldap_bind($connect, $user_dn, $pass)) == false) {
                                        print "failure: username, password didn't match: $user_dn<br>\n";
                                        return false;
                                }

                                // verify if user is already registered at database:
                                $sel0 = mysql_query("SELECT ID,pass FROM user WHERE name = '$user'");
                                $chk = mysql_fetch_array($sel0);

                                // if user already exists, just keep the password updated:
                                if ($chk["ID"] != "")
                                {
                                        if ($chk["pass"] != $pass)
                                        {
                                                $this->admin_editpass($chk["ID"], $pass, $pass);
                                        }
                                }
                                // if user isn't registered at database yet, add the user right now:
                                else
                                {
                              $filter = "(|(samaccountname=$user))";
                              $LDAPattributes = array("sn","givenname","mail");
                              $sr = ldap_search($connect, $base_dn, $filter, $LDAPattributes);
                              $entry = ldap_get_entries($connect, $sr);
                              //$entry[0]["mail"][0]
                                        $newid = $this->add($user, $entry[0]["mail"][0], 0, $pass, /*$admin*/1, /*$sysloc*/"");
                                }
                                unset($chk);
                                // Now the database is updated the system can try the normal database auth
                        }
                        @ldap_close($connect);
                }
        }
        // ---------------- End of LDAP authentication code ------------------
snake-bis
 
Posts: 3
Joined: 02.11.2009, 16:00

Re: LDAP authentication - I created!

Postby snake-bis » 10.12.2009, 18:38

it is not included
snake-bis
 
Posts: 3
Joined: 02.11.2009, 16:00

Re: LDAP authentication - I created!

Postby alissaknight » 01.04.2010, 23:14

Guys,

I have tried all the code examples and most recently, snake-bis. The error message I'm getting is:

"Fatal error: Call to undefined function ldap_connect()"



Alissa
alissaknight
 
Posts: 7
Joined: 01.04.2010, 06:49

Re: LDAP authentication - I created!

Postby alissaknight » 01.04.2010, 23:37

WORKING!!! If you get this error message it's because you do not have php5-ldap module installed. On ubuntu, simply install it by:

# sudo apt-get install php5-ldap
alissaknight
 
Posts: 7
Joined: 01.04.2010, 06:49

Re: LDAP authentication - I created!

Postby bunny1985 » 23.02.2012, 00:23

hi. It looks like i am writing to much ( I always said that forum is for reading , not for writing)
, but i have to say few words in ldap authentication

I use adldap for this with my own implementation, and it was not very dificult to deal with this, but:
it is important that you should always use ldaps - secured instead of clean ldap
for this to work you need ldap.conf configured ,certificates imported and port selected;


Why is it so important? becouse if you use ldap to authenticate, your password is sent as plain text. Anybody with a sniffer can see it.
Just remember that.
bunny1985
 
Posts: 8
Joined: 21.02.2012, 21:46

Re: LDAP authentication - I created!

Postby Eric » 19.04.2013, 16:56

LDAP authentication works with collabtive 1.0 ?

(it's very important for me)
Eric
 
Posts: 12
Joined: 21.03.2012, 14:41

Re: LDAP authentication - I created!

Postby Eva » 24.04.2013, 22:25

No, it is not implemented in Collabtive 1.0.
Project Management the way you like it: Collaborative - Open Source - Free

facebook.com/Collabtive
twitter.com/Collabtive
xing.com/companies/collabtive
linkedin.com/company/collabtive
User avatar
Eva
 
Posts: 1468
Joined: 01.01.2008, 23:31
Location: Saarbrücken, Germany

Re: LDAP authentication - I created!

Postby Eric » 02.05.2013, 15:21

Eva wrote:No, it is not implemented in Collabtive 1.0.


very, very bad news !!

(I'm ready to pay for this fonctionnality !)

does the patch from snake-bis work with the new version ?
Eric
 
Posts: 12
Joined: 21.03.2012, 14:41

Re: LDAP authentication - I created!

Postby Eric » 11.07.2013, 17:43

after testing, this patch for ldap authentication doesn't work.

I can't use collabtive without ldap authentication....

could you make a module ? I'm ready to pay for this module...

can i have an answer about that ?

@snake-bis could you upgrade your patch ?


thx !
Eric
 
Posts: 12
Joined: 21.03.2012, 14:41

Re: LDAP authentication - I created!

Postby Eva » 13.07.2013, 00:16

Dear Eric,

please contact us via e-mail, so we can talk about this as a custom modification: collabtive@o-dyn.de
Thank you! :)

Eva
Project Management the way you like it: Collaborative - Open Source - Free

facebook.com/Collabtive
twitter.com/Collabtive
xing.com/companies/collabtive
linkedin.com/company/collabtive
User avatar
Eva
 
Posts: 1468
Joined: 01.01.2008, 23:31
Location: Saarbrücken, Germany

PreviousNext

Return to Feature Requests

Who is online

Users browsing this forum: No registered users