LDAP,AD Einschränkung auf Gruppen
Moderator: Thorsten
Re: LDAP,AD Einschränkung auf Gruppen
EBUG INFORMATION:
/var/www/myfaq/inc/Init.php:
PMF_Configuration->getAll() in line 106:
SELECT
config_name, config_value
FROM
faqconfig
/var/www/myfaq/inc/PMF_User/CurrentUser.php:
PMF_Auth_AuthDb->checkLogin() in line 155:
SELECT
login
FROM
faquserlogin
WHERE
login = 'test1'
/var/www/myfaq/inc/Logging.php:
PMF_DB_Mysql->nextID() in line 125:
SELECT
MAX(id) AS current_id
FROM
faqadminlog
/var/www/myfaq/inc/Logging.php:
PMF_User_UserData->get() in line 127:
SELECT
user_id
FROM
faquserdata
WHERE
user_id = 0
/var/www/myfaq/admin/index.php:
PMF_Logging->logAdmin() in line 126:
INSERT INTO
faqadminlog
(id, time, usr, text, ip)
VALUES
(273, 1299698709, 0, 'Loginerror\\nLogin: domain\\test1\\nErrors: Specified login could not be found. ', 'ipaddress')
/var/www/myfaq/inc/Init.php:
PMF_Configuration->getAll() in line 106:
SELECT
config_name, config_value
FROM
faqconfig
/var/www/myfaq/inc/PMF_User/CurrentUser.php:
PMF_Auth_AuthDb->checkLogin() in line 155:
SELECT
login
FROM
faquserlogin
WHERE
login = 'test1'
/var/www/myfaq/inc/Logging.php:
PMF_DB_Mysql->nextID() in line 125:
SELECT
MAX(id) AS current_id
FROM
faqadminlog
/var/www/myfaq/inc/Logging.php:
PMF_User_UserData->get() in line 127:
SELECT
user_id
FROM
faquserdata
WHERE
user_id = 0
/var/www/myfaq/admin/index.php:
PMF_Logging->logAdmin() in line 126:
INSERT INTO
faqadminlog
(id, time, usr, text, ip)
VALUES
(273, 1299698709, 0, 'Loginerror\\nLogin: domain\\test1\\nErrors: Specified login could not be found. ', 'ipaddress')
Last edited by rybal06 on Wed Mar 09, 2011 8:24 pm, edited 1 time in total.
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
I don't have any LDAP environment to test, so any feedback is highly appreciate!
bye
Thorsten
I don't have any LDAP environment to test, so any feedback is highly appreciate!
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
@rybal06
try this Code, worked for me. git changes didnt work me too.
try this Code, worked for me. git changes didnt work me too.
Code: Select all
if (true === $PMF_LDAP['ldap_use_memberOf']) {
$filter = sprintf('(&%s(memberof=%s))', $filter, $PMF_LDAP['ldap_mapping']['memberOf']);
}
Re: LDAP,AD Einschränkung auf Gruppen
Thanks for the alternate php code.
It is acting the same as the code from git, it does not allow any users to log in. When I set the ldap use memberOf to false, every user can log in as expected.
Here is what I have added to constants_ldap.php:
Here are the changes I made to inc\ldap.php
Removed the line
and put this in its place:
When I turned on debugging in the Init.php file, a log in attempt results in this error:
and
Has anyone gotten the memberOf filter to work with MS Active Directory? Thanks!
Ryan
It is acting the same as the code from git, it does not allow any users to log in. When I set the ldap use memberOf to false, every user can log in as expected.
Here is what I have added to constants_ldap.php:
Code: Select all
$PMF_LDAP['ldap_use_memberOf'] = true;
$PMF_LDAP['ldap_mapping']['memberOf'] = 'cn=helpdesk,ou=Users,dc=testdomain,dc=edu';
Removed the line
Code: Select all
$filter = "(" . $PMF_LDAP['ldap_mapping']['username'] . "=" . $username . ")";
Code: Select all
$filter = sprintf('(%s=%s)', $PMF_LDAP['ldap_mapping']['username'], $username);
if (true === $PMF_LDAP['ldap_use_memberOf']) {
$filter = sprintf('(&%s(memberof=%s))', $filter, $PMF_LDAP['ldap_mapping']['memberOf']);
}
Code: Select all
phpMyFAQ warning [2]: ldap_get_values() expects parameter 2 to be resource, boolean given in /var/www/myfaq/inc/Ldap.php on line 229
Code: Select all
/var/www/myfaq/admin/index.php:
PMF_Logging->logAdmin() in line 126:
INSERT INTO
faqadminlog
(id, time, usr, text, ip)
VALUES
(690, 1307989048, 0, 'Loginerror\\nLogin: test1\\nErrors: Specified password is not correct.',
Has anyone gotten the memberOf filter to work with MS Active Directory? Thanks!
Ryan
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
from which branch did you fetched the code?
bye
Thorsten
from which branch did you fetched the code?
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
i am not able to understand language used here for this discussion . i am interested to look this discussion.
is there any setting in forum.phpmyfaq.de to view discussion in language (english)?
is there any setting in forum.phpmyfaq.de to view discussion in language (english)?
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
user generated content won't be translated...
bye
Thorsten
user generated content won't be translated...
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
From this link: https://github.com/thorsten/phpMyFAQ/co ... 9c585712adThorsten wrote:Hi,
from which branch did you fetched the code?
bye
Thorsten
Is their a newer version?
Re: LDAP,AD Einschränkung auf Gruppen
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
Thanks for the suggestion Thorsten, I greatly appreciate it!
I replaced my Ldap.php with the file from the link, and I am still having trouble using the ldap group authentication with AD. The printed errors are the same as before.
It is entirely possible I am missing something simple to make this work, any help would be appreciated.
Thanks,
Ryan
I replaced my Ldap.php with the file from the link, and I am still having trouble using the ldap group authentication with AD. The printed errors are the same as before.
It is entirely possible I am missing something simple to make this work, any help would be appreciated.
Thanks,
Ryan
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
we need help from "fraggler" because I don't have this kind of test environment... or is it possible to get access to your server?
bye
Thorsten
we need help from "fraggler" because I don't have this kind of test environment... or is it possible to get access to your server?
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
I apologize! I found a simple syntax error, I had ou= where I needed cn= in my ldap group definition. I am using the ldap.php from the 2.7 git link you sent earlier.
Thanks for your quick assistance, your product works well, and my organization is very close to adopting this, and we are excited for the release of 2.7. If we end up going with this product, we will definitely find a way to make a donation in some way for all of your
(and the other developers) time and hard work. If there is ever any other way I can be of assistance, please let me know. I have very little php experience, but I do have a test server with a daily copy of my production faq for testing.
Thanks for your quick assistance, your product works well, and my organization is very close to adopting this, and we are excited for the release of 2.7. If we end up going with this product, we will definitely find a way to make a donation in some way for all of your
(and the other developers) time and hard work. If there is ever any other way I can be of assistance, please let me know. I have very little php experience, but I do have a test server with a daily copy of my production faq for testing.
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
is it working now?
Thanks for using phpMyFAQ!
bye
Thorsten
is it working now?
Thanks for using phpMyFAQ!
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: LDAP,AD Einschränkung auf Gruppen
All is working well.
Thanks!
Thanks!
Re: LDAP,AD Einschränkung auf Gruppen
Hi,
thanks! This is great!
bye
Thorsten
thanks! This is great!
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist