AD / OD / LDAP Plugin


David Mac (new)

Nov 28, 2011, 4:13:21 PM
to ResourceSpace
Hi all

For anyone who wants to try the plugin, it's now available via my blog
with setup instructions.

http://idletechnology.blogspot.com/

Thanks to those who have helped debug it, there's still a few things I
want to improve!

Please leave comments there if you find it useful!

David

Tom Gleason

Nov 28, 2011, 4:16:28 PM
to resour...@googlegroups.com
I appreciate the work that is going into sharing your explorations on
your blog. Thanks for your work!


--
Tom Gleason
Vice President, Engineering
Colorhythm LLC
http://www.colorhythm.com

Main Office: +1 415-399-9921
Fax: +1 253-399-9928
Mobile: +1 347-537-8465

tgle...@colorhythm.com

David Mac (new)

Nov 28, 2011, 6:43:09 PM
to ResourceSpace
Hi Tom

Thanks for that, I really appreciate the feedback!

It's great to be able to contribute to such a great system, and a big
thanks to you, Dan, and everyone else involved in Resource Space!

Regards

David

On Nov 28, 9:16 pm, Tom Gleason <t...@buildadam.com> wrote:
> I appreciate the work that is going into sharing your explorations on
> your blog. Thanks for your work!

Tom Gleason

Nov 28, 2011, 7:05:23 PM
to resour...@googlegroups.com
Hi David,

I see you've used the plugin config manager. That's something I've
been working on.
Two observations: First of all, the default config file should be
config/config.php (it will be loaded automatically that way), and you
shouldn't manually include the config files within the plugin,
generally speaking.... however....

In this case, the configs themselves could break the system, and then
you wouldn't be able to edit the configs via the web-interface.
I'm wondering what your experience with the config manager is (is it
working for you or is it problematic)... In this case, you may
actually want to go with a different system, where you write to the
plugin's config.php instead of using set_plugin_config(), since this
loads the configs into the database and they need to be correct. If
you were to write to a config file instead, then of course you can use
manual includes.

I'm wondering if ldap is the kind of plugin that should avoid
web-interface config, since again, setting something wrong could break
access completely, and upon configuration, the user may do best by
editing a config.php file manually.

Any thoughts?


Tom Gleason

Nov 28, 2011, 7:09:12 PM
to resour...@googlegroups.com
Ah, I see you've got some pretty complex web-based configuration going
on, so you wouldn't want to lose it. Maybe my thoughts only apply to
the connection information?

Tom Gleason

Nov 28, 2011, 7:11:58 PM
to resour...@googlegroups.com
Sorry for the multiple posts:
Also, take my thoughts with a grain of salt, because I haven't got an
actual LDAP server here to test with; it's only theoretical, but I
just want to make sure that using the plugin config manager is the
right way to go for you, because it's fairly new and has only been
used for very basic configurations so far using standard functions.
Your setup page is quite complex, so I appreciate any feedback on your
experience using the database-installed configs.

Tom

David Mac (new)

Nov 29, 2011, 2:57:46 AM
to ResourceSpace
Hi Tom

Thanks for the input!

I really like the config manager, which is why I decided to use it.
I can understand the concerns about it breaking the system, and whilst
I was testing I purposefully entered the wrong details into the setup
to see what happens. I was able to log in to RS using a local admin
account, but when I tried to edit the config it bombed.

Now here's why I really like the config manager.
All I had to do was disable the plugin, delete the config and then
re-enable the plugin and re-config!

Because the group mapping dynamically interacts with the ldap to
enable you to configure it, I don't think it's practical to edit a
config file manually as it would become quite complex and lead to
problems. The simplicity of the config manager also means that the
config gets backed up with the rest of the DB, which is a major plus
in my book :) The other advantage of keeping it in the DB is that
there is very little chance of file corruption / accidental deletion.

I haven't had any problems with the config manager, very nicely
implemented IMHO!

The plugin is still a work in progress at the moment as it was written
to solve a particular problem.

The next bit I'm working on is to add a test connection button on the
config page so that the connection and groups can be set correctly
before enabling the plugin.

Regards

David


Gary Etchells

Nov 29, 2011, 4:21:39 AM
to ResourceSpace
We use this plugin - it's a cracking addition to ResourceSpace and
solved our problems - a few personal configuration tweaks were needed
but they were handled perfectly by David.

We spent weeks upon weeks searching for a solution to LDAP
authentication - and this plugin sorted it within a few hours!

I would recommend this plugin if you want to authenticate with OD /
AD.

Gary

Larry Wapnitsky

Feb 1, 2012, 1:46:41 PM
to resour...@googlegroups.com
When I configure this to connect to my AD server, I'm receiving the following error after trying to re-enter the configuration or log in as an AD user:

/var/www/resourcespace/plugins/posixldapauth/hooks/ldap_class.php line 107: ldap_search(): Search: Operations error


My config is as follows (names changed to protect the innocent):

Enabled - x

LDAP Server - 10.102.2.30  Port: 389

LDAP Type - Active Directory

AD Admin - admi...@mydomain.com

AD Password - somepassword

AD Domain - mydomain.com

Base DN - DC=mydomain, DC=com

User Container - users

Login Field - samaccountname

User Suffix - ldap

Create Users - X

Group Based User Creation - X

New User Group - General Users


I followed the graphic from the website to configure this.  I have tried uid and samaccountname with no luck.


Jörg Wagner

Mar 1, 2012, 7:48:06 AM
to ResourceSpace
Hello Larry,

I had the same problem.

The solution was to insert into hooks/ldap_class.php
after line 59 (ldap_set_option($this->ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);)
the following code:

ldap_set_option($this->ldapconn, LDAP_OPT_REFERRALS, 0);


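The connection setup discussed in the replies above, as an added example that is not part of the original thread or of the plugin's code: both options are set before the bind, and referral chasing is turned off because Active Directory answers a search rooted at the domain base DN with referrals to other partitions, which the client library then fails to follow ("Operations error"). The function names, host, account and DNs are placeholders; the StartTLS upgrade (it assumes the server has a certificate the client trusts) and the filter escaping go beyond what the thread covers.

```php
<?php
// Added illustration: all names and values here are placeholders, not plugin code.

/** Connect and bind to AD; returns the connection or throws RuntimeException. */
function ad_connect(string $host, int $port, string $bindUser, string $bindPass)
{
    $conn = ldap_connect("ldap://{$host}:{$port}");
    if ($conn === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    // Both options must be set before binding.
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    // Do not chase referrals returned for searches at the domain root.
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);

    // Port 389 is cleartext: upgrade with StartTLS before sending the password.
    if (!ldap_start_tls($conn)) {
        throw new RuntimeException('StartTLS failed: ' . ldap_error($conn));
    }
    if (!@ldap_bind($conn, $bindUser, $bindPass)) {
        throw new RuntimeException('Bind failed: ' . ldap_error($conn));
    }
    return $conn;
}

/** Look up one user by sAMAccountName; returns the DN, or null if not unique. */
function ad_find_user_dn($conn, string $baseDn, string $login): ?string
{
    // Escape the login so characters such as * ( ) \ cannot alter the filter.
    $safe   = ldap_escape($login, '', LDAP_ESCAPE_FILTER);
    $filter = "(&(objectClass=user)(sAMAccountName={$safe}))";

    $result = ldap_search($conn, $baseDn, $filter, ['dn']);
    if ($result === false) {
        throw new RuntimeException('Search failed: ' . ldap_error($conn));
    }
    $entries = ldap_get_entries($conn, $result);
    // Require exactly one match so an ambiguous login is never accepted.
    return $entries['count'] === 1 ? $entries[0]['dn'] : null;
}

// Usage (placeholder values; the bind password is read from the environment):
// $conn = ad_connect('dc.example.test', 389, 'svc-ldap@example.test',
//                    getenv('AD_BIND_PASSWORD'));
// $dn   = ad_find_user_dn($conn, 'DC=example,DC=test', 'jdoe');
```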