[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace() [function.preg-replace.php]: The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4752: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4754: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4755: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4756: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
forum.nconf.org • View topic - Authentication_by_LDAP (Windows Active Directory)

Authentication_by_LDAP (Windows Active Directory)

Support requests, bug reports, questions etc.

Authentication_by_LDAP (Windows Active Directory)

Postby mainbuzzb » Mon Aug 10, 2009 09:35

Hi all!

I would like to authenticate by using ADS from Windows Domaincontroller to use NConf...
Is this possible? But I don't understand the Information I should fill in the authentication.php

Current settings:

define('LDAP_SERVER', "ldaps://DC-Server.our.domain");
define('LDAP_PORT', "389");
define('BASE_DN', "uid=<username>(????),ou=server-de,dc=dc-server,dc=our,dc=domain"); => what is uid for?
define('USER_REPLACEMENT', "<username>(????)"); => what should I set this?
define('GROUP_DN', "OU=Server,OU=Groups,OU=server-de,DC=dc-server,DC=our,DC=domain");
define('ADMIN_GROUP', "cn=SERVERNAME.NCONF.ADMINS");
define('USER_GROUP', "cn=sysadmin");

Could anybody help please.

Thanks @ all

mainbuzzb
mainbuzzb
starter
starter
 
Posts: 3
Joined: Fri Aug 07, 2009 20:32

Re: Authentication_by_LDAP (Windows Active Directory)

Postby agargiulo » Mon Aug 10, 2009 17:54

Hi.

I must admit, we have never tried authenticating NConf with MS AD.
The "ldap" authentication module is intended for a pam_ldap / nss_ldap compliant structure (DIT) as used for Unix systems. The structure should consist of two different trees, one for users and one for groups:

uid=john,ou=People,dc=mydomain,dc=com
ou=Group,dc=mydomain,dc=com

I guess if your AD meets these requirements and if it is LDAPv3 compliant, then authentication should work. But it has never been tested by us. I'm not sure how the user / group matching is done in AD.

The "<username>" is a placeholder, it's what NConf will replace with the username that you enter when you authenticate. You should leave it as default, just make sure the placeholder is in the proper position within the user dn:

uid=<username>,ou=People,dc=mydomain,dc=com ("<username>" will be replaced by "john")
User avatar
agargiulo
NConf developer
NConf developer
 
Posts: 725
Joined: Fri Mar 06, 2009 17:50
Location: Zurich, Switzerland

Re: Authentication_by_LDAP (Windows Active Directory)

Postby mainbuzzb » Tue Aug 11, 2009 03:06

Hi,

thanks for help, I now understand the <username> and for so far it works...
but:

I test with following function in a little script, so I could see what happens:

********************************************************************************************************************************************************************
//Search the directory
$sr = ldap_search($ldapconn,"CN=NCONF.ADMINS,OU=Server,OU=Groups,OU=DE-SITE,DC=my,DC=dom,DC=com", "(CN=USERNAME)")
or die ("ldap search failed ");

//Create result set
$entries = ldap_get_entries($ldapconn, $sr)
or die("function get_entries failed");

//Sort and print
echo "User count: " . $entries["count"] . "<br /><br /><b>Users:</b><br />";

for ($i=0; $i < $entries["count"]; $i++)
{
echo $entries[$i]["displayname"][0]."<br />";
}

//never forget to unbind!
ldap_unbind($ldapconn);
********************************************************************************************************************************************************************

But get :

***********************
User count: 0

Users:
**********************



If I go to my shell directly and send following command:

*********************************************************************************************************************************************************************************************************
ldapsearch -x -b "CN=NCONF.ADMINS,OU=Server,OU=Groups,OU=DE-SITE,DC=my,DC=dom,DC=com" -h ldapserver -D "domainname\username" -W | grep -i "CN=USERNAME"
*********************************************************************************************************************************************************************************************************



I get:
****************************************************************************************************************************
member: CN=USERNAME,OU=TEST_FOLDER,OU=Support,OU=Users,OU=DE-SITE,DC=my,DC=dom,DC=com
****************************************************************************************************************************



So it looks greate from the same linux box (CentOS5.3_Final), so what do I have to do to make your greate script going?

Thank you in advanced, for your hand!

greetz
mainbuzzb
mainbuzzb
starter
starter
 
Posts: 3
Joined: Fri Aug 07, 2009 20:32

Re: Authentication_by_LDAP (Windows Active Directory)

Postby mainbuzzb » Tue Aug 11, 2009 21:34

mainbuzzb
starter
starter
 
Posts: 3
Joined: Fri Aug 07, 2009 20:32

Re: Authentication_by_LDAP (Windows Active Directory)

Postby agargiulo » Mon Sep 07, 2009 17:02

Thank you for your input. We will analyze the changes and if possible try to integrate them into NConf.
I cannot tell how soon this can be realized. It has been added to the queue.

Thx, Angelo
User avatar
agargiulo
NConf developer
NConf developer
 
Posts: 725
Joined: Fri Mar 06, 2009 17:50
Location: Zurich, Switzerland

Re: Authentication_by_LDAP (Windows Active Directory)

Postby fgander » Tue Nov 30, 2010 14:00

We have implemented active directory authentication.

If there is someone who wants to test it, please send a message!

Regards Fabian
F.G. - NConf developer
http://www.nconf.org

Follow NConf on Twitter!
User avatar
fgander
NConf developer
NConf developer
 
Posts: 308
Joined: Mon Mar 16, 2009 14:23
Location: Bern, Switzerland


Return to Support (NConf 1.2.5)

Who is online

Users browsing this forum: No registered users and 1 guest

cron