Hello all, thanks to the help of ackbarr yesterday I was finally able to find the hack for LDAP auth, but I have run into an issue. Since I am not familiar with LDAP or PHP, I thought maybe one of you could help me out. The issue is that once LDAP is chosen as the auth method I can't get in. I think this is due to the way my LDAP is set up, but I am not sure how to fix the ldap.php file to make the auth work. I have sent samples of my slapd.conf, LDAP user dump, and the ldap.php file for you all to review, and maybe you can point me in the right direction.
Once again thank you to all that take the time to help a confused man out!
Thanks
-SUNADMN
hack link :
https://xoops.org/modules/newbb/viewtopic.php?forum=14&topic_id=19401
slapd.conf :
# rootdn can always write!
access to dn=".*,dc=bla-dc,dc=net" attr=userPassword
        by dn="cn=root,dc=bla-dc,dc=net" write
        by self write
        by * auth
access to dn=".*,dc=bla-dc,dc=net" attr=mail
        by dn="cn=root,dc=bla-dc,dc=net" write
        by self write
        by * read
access to dn=".*,ou=People,dc=bla-dc,dc=net"
        by * read
access to dn=".*,dc=bla-dc,dc=net"
        by self write
        by * read
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=bla-dc,dc=net"
#suffix "o=My Organization Name,c=US"
rootdn "cn=root,dc=bla-dc,dc=net"
rootpw {MD5}04GGiVZs36uRJo0B+Pu+GA==
#rootdn "cn=Manager,o=My Organization Name,c=US"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}jtRCFcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
updatedn "cn=root,dc=bla-dc,dc=net"
LDAP user Dump :
[root@noc LDAP]# more ldapdump
version: 2
#
# filter: uid=*
# requesting: ALL
#
# nocuser, People, bla-dc, net
dn: uid=nocuser,ou=People,dc=bla-dc,dc=net
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
objectClass: shadowAccount
cn: nocuser
sn: nocuser
uid: nocuser
mail: nocuser@mydomain.com
krbName: nocuser@mydomain.com
loginShell: /bin/rbash
uidNumber: 713
gidNumber: 599
homeDirectory: /home/cgist
gecos: Chad Gist (19548 Senior NE)
userPassword:: YZFgbWFkMQ==
departmentNumber: 1
shadowLastChange: 1
shadowMin: -1
shadowMax: 99999
shadowWarning: 30
shadowInactive: -1
shadowExpire: 12692
employeeType: password
ldap.php :
/**
 * LDAP authentication class.
 * This class handles user's authentication through standard LDAP directory
 *
 * @author Benoit Mercier
 */
require_once XOOPS_ROOT_PATH.'/kernel/user.php';
class AuthenticationService{
    //LDAP directory parameters
    var $uid_attr = "uid";
    var $mail_attr = "mail";
    var $name_attr = "cn";
    var $surname_attr = "sn";
    // var $givenname_attr = "givenname";
    var $location_attr = "l";
    var $office_attr = "physicaldeliveryofficename";
    var $sernum_attr = "gestelnumber";
    var $ldap_server = "ldap.myhost.com";
    var $ldap_port = 389;
    var $base_dn = "ou=People,dc=bla-dc,dc=net";
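
Added example, not part of the original post or of the XOOPS LDAP hack: the slapd.conf above grants anonymous clients only "auth" on userPassword, so an anonymous client cannot read the attribute and can check a password only by binding as the user's own DN. The sketch below does that bind for the DN layout shown in the dump. The function names build_user_dn and ldap_bind_check are hypothetical; PHP 5.6+ with the ldap extension and a server that offers StartTLS are assumptions.

```php
<?php
// Added example, not code from the original post or the XOOPS hack.
// build_user_dn() and ldap_bind_check() are hypothetical helper names.

function build_user_dn($uid, $uid_attr, $base_dn)
{
    // Escape DN metacharacters so a login name cannot change the DN's structure.
    return $uid_attr . '=' . ldap_escape($uid, '', LDAP_ESCAPE_DN) . ',' . $base_dn;
}

function ldap_bind_check($uri, $base_dn, $uid, $password, $uid_attr = 'uid', $start_tls = true)
{
    // A simple bind with an empty password is an anonymous bind, which the
    // server normally accepts; counting that as a login is an auth bypass.
    if (!is_string($uid) || !is_string($password) || $uid === '' || $password === '') {
        return false;
    }
    $conn = ldap_connect($uri);
    if ($conn === false) {
        return false;
    }
    // Ask for LDAPv3 explicitly; StartTLS is an LDAPv3 operation.
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);

    // Assumption: the server offers StartTLS. Without it, a simple bind on
    // port 389 sends the password in cleartext.
    if ($start_tls && !@ldap_start_tls($conn)) {
        ldap_unbind($conn);
        return false;
    }
    // Success means the server verified the password for this DN.
    $ok = @ldap_bind($conn, build_user_dn($uid, $uid_attr, $base_dn), $password);
    ldap_unbind($conn);
    return $ok;
}

// Constructed call using the host, base DN and uid shown in the post;
// the password is a placeholder.
var_dump(ldap_bind_check('ldap://ldap.myhost.com:389',
    'ou=People,dc=bla-dc,dc=net', 'nocuser', 'PLACEHOLDER_PASSWORD'));
```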