Monday 28 November 2011

Resource Space AD & LDAP Plugin

I've had a lot of enquiries about this, so I thought I'd post it here to make it easier to distribute.

I can't take complete credit for this as it was based on a previous plugin written by Brian Adams and Guenter Bartsch.

I've abstracted the LDAP communication into a separate class, and created the group-based mapping (see my previous post on integration).

This is a work in progress, as I want to make the configuration a bit more fluid and add some further options.

It currently requires PHP 5.3 or higher, but can be modified to work with earlier versions.

I'll add a post about tweaks that can be done to it later.

To install:
Unzip the file and copy the folder to the plugins directory.

To use the plugin:

Step 1 - Configure the server:
First enter the LDAP server address and port.
Select the Directory type.
For AD, enter the admin name, password and domain.
For all directories, enter the base DN, User container and login field.
Click create users, and select group based.
Enable the plugin and then click Save.
(See setup screenshot.)



Step 2: Configure groups
Go back into the plugin options. If it has managed to contact the LDAP server, you will see a list of groups in the directory that can now be mapped to groups in Resource Space.
Select the group mapping as required, and don't forget to enable each group for login!



AD users need to log in using the format user@domain; users in LDAP / OD should log in with the short name.
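
How the Step 1 fields and the two login formats could combine into the identity handed to an LDAP simple bind, as an added example that is not the plugin's own code. The config keys, the function names, and the refusal of empty passwords and of logins for a domain other than the configured one are assumptions.

```php
<?php
// Added example (PHP 7.1+); config keys and function names are hypothetical.
// Escape a login name for use as one RDN value (RFC 4514 special characters).
function escape_rdn_value(string $v): string {
    $out = '';
    $last = strlen($v) - 1;
    for ($i = 0; $i <= $last; $i++) {
        $c = $v[$i];
        if (strpos('\\,+"<>;=', $c) !== false
            || ($i === 0 && ($c === ' ' || $c === '#'))
            || ($i === $last && $c === ' ')) {
            $out .= '\\' . $c;
        } elseif (ord($c) < 0x20) {
            $out .= sprintf('\\%02x', ord($c)); // control bytes, including NUL
        } else {
            $out .= $c;
        }
    }
    return $out;
}

// Return the identity to hand to ldap_bind(), or null to refuse the login.
function bind_identity(array $cfg, string $login, string $password): ?string {
    // An empty password makes a simple bind "unauthenticated" (RFC 4513,
    // section 5.1.2), which some servers answer with success: refuse it here.
    if ($login === '' || $password === '') {
        return null;
    }
    if ($cfg['type'] === 'ad') {
        // AD: user@domain, accepted only for the configured domain (assumption).
        $parts = explode('@', $login);
        if (count($parts) !== 2 || $parts[0] === ''
            || strcasecmp($parts[1], $cfg['domain']) !== 0) {
            return null;
        }
        return $login;
    }
    // LDAP / OD: short name under the user container and base DN.
    return sprintf('%s=%s,%s,%s', $cfg['login_field'],
        escape_rdn_value($login), $cfg['user_container'], $cfg['base_dn']);
}

// Constructed sample configuration and logins.
$ad = ['type' => 'ad', 'domain' => 'example.local'];
$od = ['type' => 'ldap', 'login_field' => 'uid',
       'user_container' => 'cn=users', 'base_dn' => 'dc=example,dc=local'];
var_dump(bind_identity($ad, 'alice@example.local', 'pw'));
var_dump(bind_identity($ad, 'alice', 'pw'));         // no @domain
var_dump(bind_identity($od, 'a,ou=admins', 'pw'));   // DN metacharacters
var_dump(bind_identity($od, 'alice', ''));           // empty password
```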


NOTE : The download link has been removed as the plugin is now included in Resource Space as standard.

6 comments:

  1. Hello, thank you for your work.
    I'm trying to configure the plugin with resourcespace, but no avail.
    I use AD and everything is set correctly. On the logon screen, when valid username@domain and pass are set I receive the incorrect login screen, but on the first line there is: authArray ( [mail] => xxx@company.com [sn] => Xxxx [cn] => Xxxx Xxx [givenname] => Xxx [dn] => CN=Xxxx Xxx,OU=Team,OU=Department,OU=Office,OU=Company,DC=company,DC=local ) I've edited the details.
    When I log locally as admin and try to change options for the plugin from plugins manager I get:
    GOT TO THE GROUP SELECT Array ( [host] => 192.xxx.xx.xx [basedn] => OU=Company,DC=company,DC=local )

    /var/www/html/rs/plugins/posixldapauth/hooks/ldap_class.php line 299: Undefined variable: retGroups

    My understanding is that this error means the plugin is not able to read AD groups and map them to RS groups. Or maybe it's something else. In the plugin options I have left unchecked Group Based User Creation, but this does not help. Create user is checked and default user group is General users. Can I somehow skip group checking on AD and create just General users? Thank You.

  2. Hi, thanks for your post.
    You are correct in your understanding of the error.
    It's basically saying that it can't find the groups within the AD.
    If you send me your email address I'll try and help you debug it.
    David

  3. Hey, thanks for posting this guide. I can't seem to get it to work properly. When I try to sign in I get this error:

    authArray ( [cn] => alice [givenname] => alice [dn] => CN=alice,CN=Users,DC=qxfr,DC=com ) group based

    I am not entirely sure why I get said error or how to fix it. Do you have any ideas? Thanks!

  4. Hello,

    I am using your plugin with Resource Space DAM. The plugin manages to see my groups, but I am still unable to auth via LDAP OD.

    It passes the test with my base dn and config.

    Any suggestions??

  5. Hi Rodolfo, can you send me your email address (I won't publish it!)? Can you also tell me which version of the plugin you are using, and send a screenshot of the config page?
    Thanks
    David
