how to connect to OPENLDAP?

Posted: Tue Jun 28, 2011 3:13 am
by shiunhan
May I know how to configure LDAP? I have tried all the options in the forum but am still not able to connect to OpenLDAP.

Just a question: after connecting to LDAP, do I need to create the user in the myfaq system to allow the LDAP user to log in?

Re: how to connect to OPENLDAP?

Posted: Tue Jun 28, 2011 2:58 pm
by Thorsten
Hi,

which error do you get? The phpMyFAQ user will be automatically created!

bye
Thorsten

Re: how to connect to OPENLDAP?

Posted: Thu Oct 06, 2011 3:18 am
by abraham2tiffin
Hi shiunhan,
Thanks for sharing this information. I think you're very much interested in connecting to OpenLDAP.



To use the example code

* Run the console application, using the following syntax.

ConnectLDAP.exe ldapServer user pwd domain targetOU

* Specify the arguments, listed below, when calling the console application.

ldapServer: The server name. For example: myDC1.testDom.fabrikam.com
user: The user name. For example: user1
pwd: The password. For example: secret@~1
domain: The Active Directory domain. For example: testDom
targetOU: The target organizational unit (OU). For example: OU=samples,DC=testDom,DC=fabrikam,DC=com



Example:

using System;
using System.Net;
using System.DirectoryServices;
using System.DirectoryServices.Protocols;
using System.Security.Permissions;

namespace ConnectLDAP
{
    [DirectoryServicesPermission(SecurityAction.LinkDemand, Unrestricted = true)]
    public class LDAPConnect
    {
        // static variables used throughout the example
        static LdapConnection ldapConnection;
        static string ldapServer;
        static NetworkCredential credential;
        static string targetOU; // dn of an OU. eg: "OU=sample,DC=fabrikam,DC=com"

        public static void Main(string[] args)
        {
            try
            {
                GetParameters(args); // Get the command-line parameters

                // Create the new LDAP connection
                ldapConnection = new LdapConnection(ldapServer);
                ldapConnection.Credential = credential;
                Console.WriteLine("LdapConnection is created successfully.");
            }
            catch (Exception e)
            {
                Console.WriteLine("\r\nUnexpected exception occurred:\r\n\t" + e.GetType() + ":" + e.Message);
            }
        }

        static void GetParameters(string[] args)
        {
            // When running: ConnectLDAP.exe <ldapServer> <user> <pwd> <domain> <targetOU>

            if (args.Length != 5)
            {
                Console.WriteLine("Usage: ConnectLDAP.exe <ldapServer> <user> <pwd> <domain> <targetOU>");
                Environment.Exit(-1); // return an error code of -1
            }

            // test arguments to ensure they are valid and secure

            // initialize variables
            ldapServer = args[0];
            credential = new NetworkCredential(args[1], args[2], args[3]);
            targetOU = args[4];
        }
    }
}

Thanks again,
Abraham

Re: how to connect to OPENLDAP?

Posted: Thu Oct 06, 2011 6:57 am
by Thorsten
Hi,

yes, and what's the issue with phpMyFAQ?

bye
Thorsten

Re: how to connect to OPENLDAP?

Posted: Fri Oct 07, 2011 9:10 am
by shiunhan
Hi

I have configured ldap.php with the following but am still not sure why it is not connecting to LDAP, even though I have enabled LDAP in the Main Configuration.

$PMF_LDAP["ldap_server"] = 'ldap-fp1..xyz.com';
$PMF_LDAP["ldap_port"] = '389';
$PMF_LDAP["ldap_user"] = 'myfaquser';
$PMF_LDAP["ldap_password"] = 'password';
$PMF_LDAP["ldap_base"] = 'ou=user,dc=xyz';

Do I need to restart any service for the LDAP authentication to work?
For a user to use phpMyFAQ, do I have to create the user in both phpMyFAQ and my LDAP, or just create it in LDAP and the user will automatically be created in phpMyFAQ?

Please advise, as I am very new to LDAP and the configuration.

Thanks

Re: how to connect to OPENLDAP?

Posted: Fri Oct 07, 2011 1:20 pm
by Thorsten
Hi,

looks okay. If you use LDAP you don't have to create the users in phpMyFAQ. This will be done by LDAP.

bye
Thorsten

Re: how to connect to OPENLDAP?

Posted: Mon Oct 10, 2011 2:05 am
by shiunhan
Hi, thanks for your reply.
But after configuring as I mentioned before, I still cannot access my LDAP, and when I log in using my ID from LDAP it says wrong password.

Re: how to connect to OPENLDAP?

Posted: Mon Oct 10, 2011 3:31 am
by shiunhan
Hi,

I have tried to look at the traffic and I can see that there is authentication from the LDAP servers, but there is still the error "Wrong username or password." when trying to log in.

Can I check if OpenLDAP is supported by phpMyFAQ?

In constants_ldap.php, it seems like it is connecting to a Windows AD. Are there any parameters to change here?

// Datamapping - in this example for an ADS
$PMF_LDAP['ldap_mapping'] = array (
'name' => 'cn',
'username' => 'samAccountName',
'mail' => 'mail'
);

// In a multi-domain environment, users may enter a prefix as domain, e.g. "DOMAIN\username"
// If possible, you should use the Microsoft Global Catalog as LDAP-Server, which comes
// with every ADS-Installation.
$PMF_LDAP['ldap_use_domain_prefix'] = true;

// LDAP-options to set
// refer to the documentation of ldap_set_option() for information on available options
$PMF_LDAP["ldap_options"] = array (
LDAP_OPT_PROTOCOL_VERSION => 3,
LDAP_OPT_REFERRALS => 0 );

// Option for adding a check on LDAP groups
// Default: false
$PMF_LDAP['ldap_use_memberOf'] = false;
$PMF_LDAP['ldap_mapping']['memberOf'] = '';

// Option for binding to LDAP directory using SASL
// Default: false
$PMF_LDAP['ldap_use_sasl'] = false;
[root@myfaq config]# more constants_ldap.php

Re: how to connect to OPENLDAP?

Posted: Mon Oct 10, 2011 4:27 pm
by Thorsten
Hi,

you have to change the constants_ldap.php file to match the schema you use in LDAP.

bye
Thorsten

Re: how to connect to OPENLDAP?

Posted: Tue Oct 11, 2011 2:27 am
by shiunhan
Hi Thanks for the reply,

I have tried to set constants_ldap.php to the schema of our LDAP.

Can I confirm that inside constants_ldap.php:
"name" is the display name,
"username" is the username that will be compared with the username that the user enters,
"mail" is the email address?

I have set the following but it is still not working.

// Datamapping - in this example for an ADS
$PMF_LDAP['ldap_mapping'] = array (
'name' => 'gecos',
'username' => 'uid',
'mail' => 'mail'
);

// In a multi-domain environment, users may enter a prefix as domain, e.g. "DOMAIN\username"
// If possible, you should use the Microsoft Global Catalog as LDAP-Server, which comes
// with every ADS-Installation.
$PMF_LDAP['ldap_use_domain_prefix'] = true;


For ldap.php, can I check whether this setting is allowed?

$PMF_LDAP["ldap_server"] = 'ldap-fp1.xyz.com';
$PMF_LDAP["ldap_port"] = '389';
$PMF_LDAP["ldap_user"] = 'uid=myfaquser,ou=user,dc=xyz';
$PMF_LDAP["ldap_password"] = 'password';
$PMF_LDAP["ldap_base"] = 'ou=user,dc=xyz';


please advise,
Thanks

Re: how to connect to OPENLDAP?

Posted: Tue Oct 11, 2011 9:28 am
by Thorsten
Hi,

the

$PMF_LDAP["ldap_user"] = 'uid=myfaquser,ou=user,dc=xyz';
should be only a technical LDAP user account.

bye
Thorsten
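
The search-and-bind flow that a "technical LDAP user account" is normally used for, as an added example that is not part of the original posts and is not phpMyFAQ's own code: the technical account binds only to look up the user's DN by `uid`, then the directory verifies the password by binding as that DN. The function name `ldapLogin` and the `$cfg` keys are hypothetical; the server, DNs and attribute names are the placeholders from this thread, and the server is assumed to support StartTLS.

```php
<?php
// Added diagnostic sketch, not phpMyFAQ code. Values mirror the thread's ldap.php.
$cfg = [
    'server'    => 'ldap-fp1.xyz.com',
    'port'      => 389,
    'bind_dn'   => 'uid=myfaquser,ou=user,dc=xyz', // technical (service) account
    'bind_pw'   => 'password',
    'base'      => 'ou=user,dc=xyz',
    'user_attr' => 'uid', // OpenLDAP schema; the AD example maps samAccountName
];

function ldapLogin(array $cfg, string $login, string $password): string
{
    // A simple bind with an empty password is an "unauthenticated bind" that
    // some servers accept, so refuse it before talking to the directory.
    if ($login === '' || $password === '') {
        return 'rejected: empty login or password';
    }
    $ds = ldap_connect('ldap://' . $cfg['server'] . ':' . $cfg['port']);
    if ($ds === false) { return 'invalid LDAP URI'; }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    // Port 389 is cleartext: upgrade with StartTLS before any password is sent.
    if (!@ldap_start_tls($ds)) {
        return 'StartTLS failed: ' . ldap_error($ds);
    }
    // Step 1: bind as the technical account, used only to look the user up.
    if (!@ldap_bind($ds, $cfg['bind_dn'], $cfg['bind_pw'])) {
        return 'service bind failed: ' . ldap_error($ds);
    }
    // Step 2: find the user's DN; escape the input so it cannot alter the filter.
    $filter = sprintf('(%s=%s)', $cfg['user_attr'],
        ldap_escape($login, '', LDAP_ESCAPE_FILTER));
    $sr = @ldap_search($ds, $cfg['base'], $filter, ['mail', 'gecos']);
    if ($sr === false) {
        return 'search failed: ' . ldap_error($ds);
    }
    $entries = ldap_get_entries($ds, $sr);
    if ($entries['count'] !== 1) {
        return "search {$filter} matched {$entries['count']} entries, expected 1";
    }
    // Step 3: re-bind as the user's own DN to verify the password.
    $dn = $entries[0]['dn'];
    return @ldap_bind($ds, $dn, $password) ? "login ok for {$dn}" : 'user bind failed: ' . ldap_error($ds);
}

// Usage: php ldap_check.php <login>   (password is read from stdin)
if (PHP_SAPI === 'cli' && isset($argv[1])) {
    echo ldapLogin($cfg, $argv[1], rtrim((string) fgets(STDIN), "\r\n")), PHP_EOL;
}
```

The returned message names the step that failed (StartTLS, service bind, search, or user bind), which separates a wrong technical-account DN or attribute mapping from a genuinely wrong user password.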

Re: how to connect to OPENLDAP?

Posted: Wed Oct 12, 2011 2:06 am
by shiunhan
Hi

Sorry, I don't really understand what you are saying. Can you please explain more? Thanks