OpenLDAP auth plugin

More
3 years 8 months ago #97929 by ulysse68
Hi all!

As many others, I am very interested in another way of authentication to the admin section of LS, via a LDAP server. The new AuthLDAP core plugin (I am using the 2.05b4 version) doesn't work in my case. After some time, I finally managed to make it work with my OpenLDAPv3 server, so I share this new plugin here :) -- sorry I am not familiar with git.

More work is required to improve this plugin: I would like to add the user in the LS database if it doesn't exist, rather than reject user/password (like for example the phpBB LDAP authentication method). Another idea would be to support more types of LDAP servers (including ldaps, which is not the case with my plugin). If you want to help developing, be welcome!

Please Log in to join the conversation.

More
3 years 8 months ago #97930 by ulysse68
Mmh... *.php attachement didn't work ? :(

Please Log in to join the conversation.

More
3 years 8 months ago #97931 by mdekker
Please open a ticket in the bug tracker for this and attach your file there. That way we can try to incorporate your changes in the 2.05 release.

It would be really helpful if you could make the changes using git, but file upload would be ok too in this case.

---
Menno Dekker
The following user(s) said Thank You: ulysse68

Please Log in to join the conversation.

More
3 years 8 months ago #97932 by ulysse68
OK, tried to use git: I forked the repo, made the changes and pushed back my plugin. You should see it here:
github.com/ulysse68/LimeSurvey/tree/2.05/plugins/AuthOpenLDAP
(tell me if it isn't public)
The following user(s) said Thank You: DenisChenu

Please Log in to join the conversation.

More
3 years 8 months ago #97938 by DenisChenu
Great thanks.

Did you find why LDAP don't work with OpenLdap ? Token LDAP import work fine with OpenLdap

Denis
PS: thanks again.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand (or search sondages pro).

Please Log in to join the conversation.

More
3 years 8 months ago #97944 by ulysse68
> Did you find why LDAP don't work with OpenLdap ?

Unlike other LDAP configurations (phpBB, ownCloud for the last ones I tried), only 2 fields are asked in the AuthLDAP core plugin: server name and username. Where can I specify:
- the version of LDAP (v2 or v3); I had to specify v3 in order to make it work
- if it is secured or not (might be useful in the future for me)
- the O.U. where my users are stored (in my case: ou=people)
- which attribute contains the username (in my case: "uid", but could be "mail")

My OpenLDAP server (LDAP.mydomain.com) was obviously waiting for a user string like "uid=myusername,ou=people,dc=mydomain,dc=com", and I also had to specify that it was LDAPv3.

But my understanding of LDAP is very limited ;)

Please Log in to join the conversation.