1
dkroft
ldap auth: uid / uname / employee_number - not matching up
  • 2006/1/25 20:26

  • dkroft

  • Just popping in

  • Posts: 14

  • Since: 2004/6/2 1


i have been searching trying to find some hints/ideas/solutions - but here i am again . . .

i am trying to authenticate using ldap -
i am getting rather confused as to what is expected for these values:
- uid APPEARS mean different things to XOOPS and our LDAP
XOOPS appears to want a numeric value for uid
our LDAP uid is a string - more appropriate to the XOOPS uname

- our LDAP
uid - text - user login name
employee_number - numeric - looks like what XOOPS wants for uid

- Xoops
uname - text - user login name

first, i am certain of what our LDAP looks like, but please confirm that my understanding of what XOOPS is supposed to like is correct.

second, what is the appropriate configuration for setting this up?

third, it appears (after fiddling with ldap_uid_asdn) that even when ldap authenticates correctly, XOOPS still tries to match the password in the MySQL db table - which i CANNOT do (no passwords to be stored locally.

does this make sense?

thanks,
d-

2
dkroft
Re: ldap auth: uid / uname / employee_number - not matching up
  • 2006/1/26 18:42

  • dkroft

  • Just popping in

  • Posts: 14

  • Since: 2004/6/2 1


humm, the silence is deafening . . .

for what it's worth, i have nade the following edit to .../kernel/user.php:

function &loginUser($uname, $pwd, $md5 = false) {
if (!$md5) {
$pwd = md5($pwd);
}
$criteria = new CriteriaCompo(new Criteria('loginname', $uname));
// $criteria->add(new Criteria('pass', $pwd)); <-- commented out this line

it appears to be working for me.
ymmv

3
pemen
Re: ldap auth: uid / uname / employee_number - not matching up
  • 2006/1/26 20:38

  • pemen

  • Not too shy to talk

  • Posts: 186

  • Since: 2002/7/8 7


Hi,

What version of XOOPS do you use ?
If XOOPS still tries to match the password in the MySQL db table, it's because you don't have the last version of this hack.

Go here to dowload the good version :

Authentication hack for XOOPS 2.0.13.1


Authentication hack for XOOPS 2.2.x

You don't have to modify user.php !!!

The uid in XOOPS can be a numeric or string.
In XOOPS the uid is the login name == uname in XOOPS
(uid for unique identifier)

The option ldap_uid_asdn :

yes : your XOOPS uname is in your LDAP DN ! for example
uid=dkroft, dc=mycompany,dc=us

no : your XOOPS uname is not in the DN so XOOPS need to search the LDAP entry.


You can use this option in the preferences if this isnot uid in your LDAP Server.

LDAP Attribute use to search the user : uid or other


Quote:
NOTE : The only things is that your LDAP entrey must have a XOOPS equivalent account (link by the uid). The synchronisation is not automatic for the moment : In the next versions.
Identity management, LDAP, Workflow and more
XoopsPro

Login

Who's Online

59 user(s) are online (31 user(s) are browsing Support Forums)


Members: 0


Guests: 59


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Aug 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits