Welcome, Guest
Username: Password: Remember me

TOPIC: OpenLDAP auth plugin

OpenLDAP auth plugin 1 year 1 month ago #97929

  • ulysse68
  • ulysse68's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 37
  • Thank you received: 2
  • Karma: 0
Hi all!

As many others, I am very interested in another way of authentication to the admin section of LS, via a LDAP server. The new AuthLDAP core plugin (I am using the 2.05b4 version) doesn't work in my case. After some time, I finally managed to make it work with my OpenLDAPv3 server, so I share this new plugin here :) -- sorry I am not familiar with git.

More work is required to improve this plugin: I would like to add the user in the LS database if it doesn't exist, rather than reject user/password (like for example the phpBB LDAP authentication method). Another idea would be to support more types of LDAP servers (including ldaps, which is not the case with my plugin). If you want to help developing, be welcome!
The administrator has disabled public write access.

OpenLDAP auth plugin 1 year 1 month ago #97930

  • ulysse68
  • ulysse68's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 37
  • Thank you received: 2
  • Karma: 0
Mmh... *.php attachement didn't work ? :(
The administrator has disabled public write access.

OpenLDAP auth plugin 1 year 1 month ago #97931

  • mdekker
  • mdekker's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 341
  • Thank you received: 68
  • Karma: 38
Please open a ticket in the bug tracker for this and attach your file there. That way we can try to incorporate your changes in the 2.05 release.

It would be really helpful if you could make the changes using git, but file upload would be ok too in this case.
---
Menno Dekker
The administrator has disabled public write access.
The following user(s) said Thank You: ulysse68

OpenLDAP auth plugin 1 year 1 month ago #97932

  • ulysse68
  • ulysse68's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 37
  • Thank you received: 2
  • Karma: 0
OK, tried to use git: I forked the repo, made the changes and pushed back my plugin. You should see it here:
github.com/ulysse68/LimeSurvey/tree/2.05/plugins/AuthOpenLDAP
(tell me if it isn't public)
The administrator has disabled public write access.
The following user(s) said Thank You: DenisChenu

OpenLDAP auth plugin 1 year 1 month ago #97938

  • DenisChenu
  • DenisChenu's Avatar
  • OFFLINE
  • Moderator Lime
  • Posts: 6272
  • Thank you received: 800
  • Karma: 240
Great thanks.

Did you find why LDAP don't work with OpenLdap ? Token LDAP import work fine with OpenLdap

Denis
PS: thanks again.
The administrator has disabled public write access.

OpenLDAP auth plugin 1 year 1 month ago #97944

  • ulysse68
  • ulysse68's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 37
  • Thank you received: 2
  • Karma: 0
> Did you find why LDAP don't work with OpenLdap ?

Unlike other LDAP configurations (phpBB, ownCloud for the last ones I tried), only 2 fields are asked in the AuthLDAP core plugin: server name and username. Where can I specify:
- the version of LDAP (v2 or v3); I had to specify v3 in order to make it work
- if it is secured or not (might be useful in the future for me)
- the O.U. where my users are stored (in my case: ou=people)
- which attribute contains the username (in my case: "uid", but could be "mail")

My OpenLDAP server (LDAP.mydomain.com) was obviously waiting for a user string like "uid=myusername,ou=people,dc=mydomain,dc=com", and I also had to specify that it was LDAPv3.

But my understanding of LDAP is very limited ;)
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.114 seconds
Donation Image