After much troubleshooting and searching... I just wanted to share my settings that worked for me to login into XOOPs with LDAP authentication into my eDirectory (which I'll post below). But I do have one question remaining...

What's the point?

I wanted to use the ldap auth so I can log into XOOPS using credentials from my eDir so I don't have to maintain users in both eDirectory and XOOPs. But as I'm finding out (unless I've still got some configuration wrong), I still need to maintain the users in two places. If I try to login as a user with eDir credentials but no XOOPs account, I get an error that there is no cooresponding user. Like I said, unless I've still got something wrong, I don't see a point when I still have to maintain users in two places. The only possible advantage I see is if there are any modules that can interact with eDir resources (such as viewing files on a netware server), and the authentication is needed for rights to those resources.

Anyone else have any thoughts on this? Am I off the rocker (ok, don't answer)? Confused? Mis-configured? Any point to it?

Thanks for any feedback!


Background:
We have one tree say "TEST" (t=TEST) and two organizations one of which is also named "TEST" (o=TEST) and my user is directly under there (cn=Deldrin).

XOOPs Settings:
Auth Method - LDAP Directory
Port - 389
Server Name - server.domain.com
Base DN - o=TEST (tried t=TEST but it didn't work. I'd rather it worked because users in my other organization won't can't login now)
LDAP Manager - cn=Deldrin,0=TEST (tried cn=Deldrin,0=TEST,t=TEST but it didn't work I'd rather it worked because users in my other organization won't can't login now)
Password - *******
LDAP attribute to search the user - cn
The search filter LDAP query to find user - (&(objectclass=*)(cn=@@loginname@@)

Yep, think you got that right. I can't remember who was working on that but he's making good progress and I think is working on syncronizing the directories as well so no more maintaing users in two places.

One thing I noticed is that once you get the user in both places, login to xoops, logout, change user password in your LDAP directory and then you can login to XOOPS with both the old and new password....kind of convenient as your users would never forget their password(well that might be wishful thinking) but not very secure.

Check this - LDAP

Seth

Thanks for the reply. I look forward to this feature. My goal is to use XOOPS as a company portal and I'm hoping to find a module that will read a Netware file directory for document management. At least the the LDAP authentication will probably allow users to authenticate to the file directories. It will be a big plus once it allows me to use LDAP as the central place for user info.

No matter what my needs and wants are (like anyone), I give a big thumbs up and thank you too all the experienced programmers that have contributed their work for the benefit of all. I do consider my self lucky to have the functionality I have.