Login

Doudoux · 09-17-2010, 12:40 AM

Hello,

here is my code to use the LDAP Microsoft into LetoDMS.
I have only one LDAP microsoft, I did not test the changes with other LDAP.

op.Login.php - Step 1

PHP Code:
//
// LDAP Sign In
// 

to

PHP Code:
//
// LDAP Sign In
//
$ldapSearchAttribut = "uid=";
$tmpDN = "uid=".$login.",".$settings->_ldapBaseDN;

if (isset($settings->_ldapType))
{
    if ($settings->_ldapType==1)
    {
        $ldapSearchAttribut = "sAMAccountName=";
        $tmpDN = $login.'@'.$settings->_ldapAccountDomainName;
    }
} 

op.Login.php - Step 2

PHP Code:
        if ($bind) {        
            $search = ldap_search($ds, $settings->_ldapBaseDN, "uid=".$login);
            if (!is_bool($search)) {
                $info = ldap_get_entries($ds, $search);
                if (!is_bool($info) && $info["count"]>0) {
                    $dn = $info[0]['dn'];
                }
            }
        } 

to

PHP Code:
        if ($bind) {        
            // $search = ldap_search($ds, $settings->_ldapBaseDN, "uid=".$login);
            $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
            if (!is_bool($search)) {
                $info = ldap_get_entries($ds, $search);
                if (!is_bool($info) && $info["count"]>0) {
                    $dn = $info[0]['dn'];
                }
            }
        } 

op.Login.php - Step 3

PHP Code:
        if (is_bool($dn)) {
            // This is the fallback position, in case the anonymous bind does not
            // succeed.
            $dn = "uid=".$login.",".$settings->_ldapBaseDN;
        } 

to

PHP Code:
        if (is_bool($dn)) {
            // This is the fallback position, in case the anonymous bind does not
            // succeed.
            // $dn = "uid=".$login.",".$settings->_ldapBaseDN;
            $dn = $tmpDN;
        } 

op.Login.php - Step 4

PHP Code:
        if ($bind) {

            // Successfully authenticated. Now check to see if the user exists within
            // the database. If not, add them in, but do not add their password.
            $user = getUserByLogin($login);
            if (is_bool($user) && !$settings->_restricted) {
                // Retrieve the user's LDAP information.
                $search = ldap_search($ds, $dn, "uid=".$login); 

to

PHP Code:
        if ($bind) {

            // Successfully authenticated. Now check to see if the user exists within
            // the database. If not, add them in, but do not add their password.
            $user = getUserByLogin($login);
            if (is_bool($user) && !$settings->_restricted) {
                // Retrieve the user's LDAP information.
                // $search = ldap_search($ds, $dn, "uid=".$login);
                $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut . $login); 

inc.Settings.php - Step 5

PHP Code:
    // var $_ldapHost = ""; // URIs are supported, e.g.: ldaps://ldap.host.com
    // var $_ldapPort = 389; // Optional.
    // var $_ldapBaseDN = ""; 

to

PHP Code:
    // var $_ldapHost = ""; // URIs are supported, e.g.: ldaps://ldap.host.com
    // var $_ldapPort = 389; // Optional.
    // var $_ldapBaseDN = "";
    // var $_ldapAccountDomainName = "";
    // var $_ldapType = 1; // 0 = Generic LDAP ; 1 = Microsoft LDAP 

for example:

PHP Code:
    var $_ldapHost = "server.domain.loc";
    var $_ldapPort = 389;
    var $_ldapBaseDN = "OU=Users,DC=domain,DC=loc";
    var $_ldapAccountDomainName = "domain.loc";
    var $_ldapType = 1; // 0 = Generic LDAP ; 1 = Microsoft LDAP 

**matteo lucarelli** · (This post was last modified: 09-17-2010, 03:42 PM by matteo lucarelli.)

I cannot test it. I'll insert this in the new release (2.0.1) leaving the comment where they are so users can test it.

Thank you

tme · 09-17-2010, 06:18 PM

Great!

Login
Username:
Password:	Lost Password?
	Remember me