bbPress

Simple, fast, elegant

bbPress Plugin Browser »

LDAP authentication for bbPress (2.0.2)

Download

Version: 2.0.2

Other Versions

Last Updated: 2007-6-22

Requires bbPress Version: 0.75 or higher

Compatible up to: 1.0 alpha build 872

Plugin Homepage »

Average Rating

5 stars
4 stars
3 stars
2 stars
1 star
(2)

Your Rating

Author: Sam Bauers

This plugin allows the administrator to specify an LDAP service for authentication.

When a user logs in, the local database is searched first, and then the LDAP server is searched.

When the user successfully authenticates to the LDAP server for the first time, a local record is created for them to hold their settings.

From then on the user is exactly the same as a local user, except that they still authenticate against the LDAP service, i.e. they have no local password. However, LDAP users can still be blocked if desired, just like normal users. Optionally, local user registration can be disabled.

LDAP users cannot edit their passwords in the profile area.

LDAP users login using their unique id, IE the value in their records "uid" attribute.

The email that is optionally retrieved will be the first email address listed in their "mail" attribute.


  1. sambauers

    5 stars
    4 stars
    3 stars
    2 stars
    1 star

    Key Master

    Can the external link here be changed to http://www.network.net.au/bbpress/plugins/ldap/ldap-authentication.latest.zip

    Thanks

    Posted: 2 years ago #

  2. sambauers

    5 stars
    4 stars
    3 stars
    2 stars
    1 star

    Key Master

    Never mind, I just found out where to do it.

    Posted: 2 years ago #

  3. sambauers

    5 stars
    4 stars
    3 stars
    2 stars
    1 star

    Key Master

    Version 2.0.1 is PHP4 compatible

    Posted: 2 years ago #

  4. grahamar

    Inactive

    Hello,

    I have just tried this plugin and - being a newbie - I am a little stumped.
    I put in the LDAP url and port but don't know what "DOMAIN" means.
    How could I find this out?
    I have a wiki that also uses LDAP and this works fine, so I am using the url and port
    settings for that - which look like:

    ldap://mycompany-ds:389/dc=mycompany,dc=com?uid?sub?(objectClass=*)

    I don't know where the "Domain" is in the above string or how I could determine it.

    Thanks in advance

    Graham

    Posted: 1 year ago #

  5. jsox78

    Member

    I too was hoping you could provide some incite into what information is required for the Domain field. I've tried a few different DN strings that I know are valid for my company's LDAP directory and none have worked to this point. Any assistance you can provide would be great.

    Posted: 1 year ago #

  6. Anonymous

    Unregistered

    Has *anyone* figured out how to get this working with the Domain and Options fields? How do I tell the plugin where to look up the user data?

    Posted: 12 months ago #

  7. rossgrady

    Member

    @Anonymous, here's how the domain field works. Let's say you have an LDAP directory for your organization, we'll call it example.com, and your particular set of users are the developers, so you have them in an ou called developers. Your username is anonymous, so your DN might be:

    uid=anonymous,ou=developers,o=example.com

    Or, if you also keep machine names in your LDAP directory, then you might keep your people separate in another ou, so your DN might be:

    uid=anonymous,ou=People,ou=developers,o=example.com

    In either case, for the purposes of this plugin, the "domain" is everything after the uid=<whatever> bit -- so in the first example, you'd put "ou=developers,o=example.com" into the Domain box. In the second example you'd put "ou=People,ou=developers,o=example.com" into the Domain box.

    What's happening is that the plugin is building the LDAP DN that it's going to use to try to authenticate your users, so it takes the username they supply, and it inserts it into a string that looks more or less like:

    uid=$user,$domain

    If your LDAP directory stores usernames in an attrib other than uid, you will need to edit the plugin file manually and change that. This is also true if you keep email addresses in something other than 'mail'.

    Speaking of editing the plugin, I switched to the 1.0Alpha release of bbpress and had to edit the plugin file, replacing the call to the deprecated "bb_user_exists" function with the name of the new/correct function, "bb_get_user." In case that helps anybody else.

    Posted: 5 months ago #

  8. villel

    Member

    I cannot get this to work with the latest bbpress version.

    LDAP accounts don't work, and even local accounts stop working as soon as I enable LDAP accounts. I had to remove the plugin files to be able to log back in to a keymaster account.

    The wpmu-ldap plugin works on my site, so I think I know what to use for each configuration setting. But nothing I've tried seems to work.

    Does anyone have this working with the latest bbpress?

    Posted: 5 months ago #

  9. slambert1971

    Member

    Well, I was able to get this plugin to work with a major hack. Our Active Directory server requires a prebind username/password, which this plugin did not support. I added functionality for that and to set the field name of the email (since ours was not mail) as well as account filter (since ours was not uid) in the options screen. Works well, but have to get approval from management to share with other users.

    If your active directory servers requires a prebind, this plugin WILL NOT work without modification.

    Posted: 5 months ago #

  10. slambert1971

    Member

    One other bug I found in this code is that when it creates the bbPress user, it does not include the 'nicename' in the query. Since nicename is a unique field, it causes an error and can't create the user. I added it to the code using the persons LDAP username as the nicename, but might change that later. Not sure when "nicename" was added to the database, but this is necessary for version 0.9.0.4.

    Posted: 5 months ago #

  11. vaughanb

    Member

    Using bbpress 0.9.0.4 and ldap-authentication.2.02.
    local account (admin) can log in fine.
    an LDAP user attempting to log in gets the error: 'Incorrect password' .
    Interestingly, if the user does NOT enter a password, he is allowed into bbpress, and can post, modify profile, etc.
    Any ideas?
    I am using:
    host: dir.companyname.org
    port <blank>
    Domain: dc=companyname, dc=org
    Options: <blank> <- what should go here?

    Posted: 3 months ago #

RSS feed for this topic

Add a Comment

You must log in to post.

Code is Poetry.