Hello once again all I am trying to figure out the users/groups inside XOOPS what I have done is created some test users and a few test groups but the question I have is how does one go about building a group and hten adding users to that group??? Is this possible in the system??


Thanks
-SUNADMN

Hellos all thanks to the help of ackbarr yesterday I was able to finally find the hack for LDAP auth, but I have ran into an issue since I am not familar with LDAP or PHP I thought maybe one of you could help me out. The issue is that once LDAP is choosen as the auth method I can't get in I think this is due to the way my LDAP is setup, but I am not sure how to fix the ldap.php file to make the auth work. I have sent samples of my slpad.conf, ldap user dump, and the ldap.php file for you all to review and maybe you can point me in the right direction.

Once again thank you to all that take the time to help a confused man out!

Thanks
-SUNADMN

hack link :

https://xoops.org/modules/newbb/viewtopic.php?forum=14&topic_id=19401

slapd.conf :

# rootdn can always write!
access to dn=".*,dc=bla-dc,dc=net" attr=userPassword
by dn="cn=root,dc=bla-dc,dc=net" write
by self write
by * auth

access to dn=".*,dc=bla-dc,dc=net" attr=mail
by dn="cn=root,dc=bla-dc,dc=net" write
by self write
by * read

access to dn=".*,ou=People,dc=bla-dc,dc=net"
by * read

access to dn=".*,dc=bla-dc,dc=net"
by self write
by * read
#######################################################################
# ldbm database definitions
#######################################################################

database ldbm
suffix "dc=bla-dc,dc=net"
#suffix "o=My Organization Name,c=US"
rootdn "cn=root,dc=bla-dc,dc=net"
rootpw {MD5}04GGiVZs36uRJo0B+Pu+GA==
#rootdn "cn=Manager,o=My Organization Name,c=US"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}jtRCFcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
updatedn "cn=root,dc=bla-dc,dc=net"

LDAP user Dump :

[root@noc LDAP]# more ldapdump
version: 2

#
# filter: uid=*
# requesting: ALL
#

# nocuser, People, bla-dc, net
dn: uid=nocuser,ou=People,dc=bla-dc,dc=net
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
objectClass: shadowAccount
cn: nocuser
sn: nocuser
uid: nocuser
mail: nocuser@mydomain.com
krbName: nocuser@mydomain.com
loginShell: /bin/rbash
uidNumber: 713
gidNumber: 599
homeDirectory: /home/cgist
gecos: Chad Gist (19548 Senior NE)
userPassword:: YZFgbWFkMQ==
departmentNumber: 1
shadowLastChange: 1
shadowMin: -1
shadowMax: 99999
shadowWarning: 30
shadowInactive: -1
shadowExpire: 12692
employeeType: password

ldap.php :

<?php
/**
* LDAP authentication class.
* This class handles user's authentication through standard LDAP directory
*
* @author Benoit Mercier <benoit.mercier@users.sourceforge.net>
*/

require_once XOOPS_ROOT_PATH.'/kernel/user.php';

class AuthenticationService{

//LDAP directory parameters
var $uid_attr = "uid";
var $mail_attr = "mail";
var $name_attr = "cn";
var $surname_attr = "sn";
// var $givenname_attr = "givenname";
var $location_attr = "l";
var $office_attr = "physicaldeliveryofficename";
var $sernum_attr= "gestelnumber";
var $ldap_server = "ldap.myhost.com";
var $ldap_port = 389;
var $base_dn = "ou=People,dc=bla-dc,dc=net";

Ok so I have changed the given files made the dir and insured that all files have the correct owner/permissions, but now in the mainfile.php if I change the login from XOOPS to ldap and attempt to login into the site I still auth off the DB. I was assuming this would break the auth period is this not true?? also where can I find some sample code of how to use the LDAP auth?? I am looking for the below or a pointer to an example of it ( new to PHP sorry ).

Simply said, for each authentication mechanism you want to support, you have to write one and only one file with an implementation o
f the following methods (see sample implementations for more details):

function &loginUser($uname, $pwd)
function &loginUserMd5($uname, $pwd)
function logoutUser()
function loginPage()
function checkLogin()

Save this file under /include/authentication_services/, reference it in mainfile.php and apply the hack to system files (cfr. sectio
n "How to use the apply the hack")


ANSWERED my own question bad me for not lookinf further before posting please disregard this message.

here is what I am looking for samples of ( sorry I am very new to PHP and need a reference for this ) where are the samples at???

Simply said, for each authentication mechanism you want to support, you have to write one and only one file with an implementation o
f the following methods (see sample implementations for more details):

function &loginUser($uname, $pwd)
function &loginUserMd5($uname, $pwd)
function logoutUser()
function loginPage()
function checkLogin()

Save this file under /include/authentication_services/, reference it in mainfile.php and apply the hack to system files (cfr. sectio
n "How to use the apply the hack")


Also on a side note for the define line that I have to add to the mainfile.php where exactly should that go, inside the main IF statement or just at the top of the file???

Ok I have done the listed features now I am looking for some examples of the imlementation of the service, i.e. the file called in the main file to start the auth method can you help with this???

Hello all I have just installed XOOPS on my lab system and I am looking for a few things. I have been testing phpWebsite for some time and it seems nice but the level of permissions I am looking for is not really there so with that said it's on to my questions.

LDAP: I have viewed at www.cmsmatrix.com that XOOPS has the ability to handle AUTH of a user via LDAP, but I have not been able to find this mod on the site anywhere can anyone point me in the correct direction? Also on a side note how will user permissions be handled with an LDAP auth??

Groups: I would like to be able to have a very fine user/groups system in place with the portal ( this is for a NOC webpage ) what I am looking for is the ability to spread permissions over a wide range of pages/docs on a user/groups level. With that said I want to be able to have groups like UNIX, NOC, NETENG, and IMP and then have users under these groups with only the ability to view docs in their group, but also be able to assign certain users the ability to view certain pages/docs that reside in another group. Is this possible in XOOPS??

IRC: Is there any sort of IRC channel for XOOPS, if so what is the server/channel for it??

Thanks
-SUNADMN