LDAP authentication issue

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Get Involved
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
zuber
Registered User
Posts: 17
Joined: Tue Aug 11, 2009 11:18 am

LDAP authentication issue

Post by zuber »

Hell-o!

I've found out that LDAP authentication does not support such scenario:
- LDAP server does not allow anonymous binding
- there is no special account for AD user
- but is allows binding for any registered user, but account suffix must be added to the user name

I couldn't get PHP LDAP auth to work with such conditions. I managed to do this with mediawiki (https://www.mediawiki.org/wiki/Extensio ... entication) and with Wordpress (active-directory-integration.1.1.4.zip plugin).

Configuration of Wordpress plugin for the easiest one.

So I modified auth_ldap.php to support such config on my side.

But question is: couldn't PHP LDAP support my scenario natively? :)


Here is my config example:
LDAP server name: ldap://europe.company.net
LDAP base dn: DC=company,DC=net
LDAP uid: sAMAccountName
LDAP e-mail attribute: mail
but for binding I need such username: sAMAccountName@company.net

And I need that AD user is also: sAMAccountName@company.net with its password.

I attached my auth_ldap.php which solved the problem for me - but it isn't general solution.
Attachments
auth_ldap.php
(9.97 KiB) Downloaded 8 times
User avatar
AmigoJack
Registered User
Posts: 6016
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: LDAP authentication issue

Post by AmigoJack »

Thanks for reporting, I created PHPBB3-13103 so your solution won't get lost. In the end only a few more configuration settings should be enough to support your scenario.
  • "The problem is probably not my English but you do not want to understand correctly. ... We will not come anybody anyway, nevertheless, it's best to shit this." Affin, 2018-11-20
  • "But this shit is not here for you. You can follow with your. Maybe the question, instead, was for you, who know, so you shoved us how you are." axe70, 2020-10-10
  • "My reaction is not to everyone, especially to you." Raptiye, 2021-02-28
Locked

Return to “[3.0.x] Support Forum”