- 18 Nov 2016, 19:27
#2439
I had a hard time finding information on getting OpenCATS to work with my Windows-based LDAP. After doing some troubleshooting I finally got it to work the way I would like.
LDAP settings in my config.php

define ('LDAP_HOST', '10.0.0.2');
define ('LDAP_PORT', '389');
define ('LDAP_PROTOCOL_VERSION', 3);
define ('LDAP_BASEDN', 'cn=Users,dc=my,dc=domain,dc=com');
define ('LDAP_BIND_DN', '');
define ('LDAP_BIND_PASSWORD', '');
define ('LDAP_ACCOUNT', '$username'); // '{$username}' cannot be changed, else can
define ('LDAP_ATTRIBUTE_UID', 'samaccountname'); //default uid
define ('LDAP_ATTRIBUTE_DN', 'dn');
define ('LDAP_ATTRIBUTE_LASTNAME', 'sn');
define ('LDAP_ATTRIBUTE_FIRSTNAME', 'givenname');
define ('LDAP_ATTRIBUTE_EMAIL', 'userprincipalname'); //default mail
define ('LDAP_SITEID', 1);

Changes I made in lib/LDAP.php

//in the authenticate function
//$trans = array('{$username}' => $username); // My login failed with this
//$username = strtr(LDAP_ACCOUNT, $trans); // My login failed with this
$this->_bind = @ldap_bind($this->_connection, $username."@my.domain.com", $password); //domain appears to be stripped out in users.php

//in the getUserInfo function
$search = @ldap_search( $this->_connection, LDAP_BASEDN, LDAP_ATTRIBUTE_UID . '=' . $username);

There is more than likely a better way of doing this, but it is what I found to work for me, so I thought I'd share it. This could also be enhanced to add functions that set security based on the group that the user is in, in AD.
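
The bind and search lines in the post pass the submitted username and password to the directory unchanged. The following is an added example, not part of the original post and not OpenCATS code: it refuses empty passwords before binding and escapes the username in the search filter. The function names and the account-name allow-list are assumptions made for illustration.

```php
<?php
// Added example, not OpenCATS code; function names are hypothetical.
// Needs PHP's ldap extension for ldap_escape(), as lib/LDAP.php already does.

const UPN_SUFFIX    = 'my.domain.com';   // domain used in the post
const ATTRIBUTE_UID = 'samaccountname';  // LDAP_ATTRIBUTE_UID from the post

// Returns the name to bind with, or null when the login must be refused
// before any bind is attempted.
function buildBindName(string $username, string $password): ?string
{
    // A simple bind with a name and an empty password is an "unauthenticated
    // bind" (RFC 4513, section 5.1.2): a server that permits it answers
    // success without verifying anything, so ldap_bind() would return true.
    if ($password === '') {
        return null;
    }
    // Assumed policy: a conservative allow-list for account names.
    if (!preg_match('/^[A-Za-z0-9._-]{1,20}$/', $username)) {
        return null;
    }
    return $username . '@' . UPN_SUFFIX;
}

// Builds the getUserInfo search filter with the value escaped, so that
// characters such as * ( ) \ are matched literally instead of being parsed.
function buildUserFilter(string $username): string
{
    return '(' . ATTRIBUTE_UID . '='
        . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ')';
}

// Same bind as in the post, gated by the checks above.
// $connection is the handle returned by ldap_connect().
function authenticate($connection, string $username, string $password): bool
{
    $bindName = buildBindName($username, $password);
    return $bindName !== null && @ldap_bind($connection, $bindName, $password);
}

// Constructed sample inputs; no directory server is contacted here.
$samples = [['jsmith', 's3cret'], ['jsmith', ''], ['j*', 'x'], ['a)(b', 'x']];
foreach ($samples as [$user, $pass]) {
    printf("%-8s bind=%-22s filter=%s\n", $user,
        buildBindName($user, $pass) ?? '(refused)', buildUserFilter($user));
}
```

Port 389 without StartTLS carries the simple-bind password in cleartext, so these checks complement transport protection and do not replace it.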