vb.org Archive
Page 15 of 15 « First 51314 15
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Modification Graveyard (https://vborg.vbsupport.ru/forumdisplay.php?f=224)
-   -   Miscellaneous Hacks - LDAP Authentication (https://vborg.vbsupport.ru/showthread.php?t=196596)

ItsDrew 02-03-2012 11:01 PM
Quote:
Originally Posted by rguser (Post 2272179)
Has anyone conceived of the idea or attempted setting the username to the LDAP 'displayname' or 'givenname' and 'sn' while allowing the user to both login and authenticate using their LDAP credentials? ie, login as: jdoe, but username is set to John Doe so that all posts, member list, user profile and all show John Doe. My forum is internal, consists only of LDAP users all on the same domain and I've disabled registration since the LDAP auth code can create a new user. I've made a user profile field set to displayname but if I don't have to go through and modify the template to show the displayname userfield in lieu of username, that would be awesome.

Unless it's easier now to modify the template using the built-in search/replace? Suggestions or ideas?
rguser: Did you ever find a good solution to this? The LDAP passes their employee ID as their user logon (required). But I would rather have all their posts show as their LDAP "displayName."

The closest I got was to modify the product-ldap_auth-1.5.1_vb4.xml to set the usertitle to the LDAP displayName so at least their name is below their employee ID.

I'd like to know how you worked around this.

PHP Code:
} else {
      ($debug $debug ) ? print_log("New user. Creating with info from ldap") : false;
      $newuser->set('email'strtolower($userData[0]['mail'][0]));
      $newuser->set('customtitle'2);
      $newuser->set('usertitle', ($userData[0]['displayName'][0]));
      $newuser->set('username'$vbulletin->GPC['vb_login_username']);
      $newuser->set('usergroupid'2);
      $newuser->set_bitfield('options''adminemail'true);
      $newuser->set_bitfield('options''emailonpm'true);
      $newuser->set_bitfield('options''vm_enable'true);
      $newuser->set('pmpopup'1);
      $newuser->set('password'$passwd);
      $vbulletin->db->query_first_slave("
      UPDATE ".TABLE_PREFIX."user
      SET ldap=true
      WHERE username='"$vbulletin->GPC['vb_login_username'] ."'"); 

roarkh 02-28-2012 08:37 PM
I am relatively new to vBulletin still but have version 4.1.8 installed and working just fine with this plug-in. I have never performed a vBulletin upgrade before and was just wondering what to expect regarding installed plugins when upgrading from 4.1.8 to 4.1.10. Will the LDAP Authentication plugin continue to work as it does now? Or will it need to be modified and/or reinstalled?

Thanks in advance.

tdarvill 06-06-2012 02:07 PM
Are there any issues with using this mod on vBulletin 4.2.0?

rguser 08-30-2012 07:43 PM
Quote:
Originally Posted by ItsDrew (Post 2295869)
rguser: Did you ever find a good solution to this? The LDAP passes their employee ID as their user logon (required). But I would rather have all their posts show as their LDAP "displayName."

The closest I got was to modify the product-ldap_auth-1.5.1_vb4.xml to set the usertitle to the LDAP displayName so at least their name is below their employee ID.

I'd like to know how you worked around this.

PHP Code:
} else {
      ($debug $debug ) ? print_log("New user. Creating with info from ldap") : false;
      $newuser->set('email'strtolower($userData[0]['mail'][0]));
      $newuser->set('customtitle'2);
      $newuser->set('usertitle', ($userData[0]['displayName'][0]));
      $newuser->set('username'$vbulletin->GPC['vb_login_username']);
      $newuser->set('usergroupid'2);
      $newuser->set_bitfield('options''adminemail'true);
      $newuser->set_bitfield('options''emailonpm'true);
      $newuser->set_bitfield('options''vm_enable'true);
      $newuser->set('pmpopup'1);
      $newuser->set('password'$passwd);
      $vbulletin->db->query_first_slave("
      UPDATE ".TABLE_PREFIX."user
      SET ldap=true
      WHERE username='"$vbulletin->GPC['vb_login_username'] ."'"); 
Sorry for the very late response. Yes, I solved this similarly to how you have it.

The username is only valid from the login screen. Within the code the username is converted over to the full display name right away and used consistently throughout. New account vs existing account is determined by doing a search for the userData[0]['mail'][0].

In transition, I just wrote a script to update all usernames from user alias to full name.

Tweak589 09-29-2012 12:48 AM
Hello,

I am trying to set this up in 4.2.0 and am at a loss right now what I have done wrong. I don't have any errors or any problems so far. I've installed the plugin fine, have LDAP PHP module ready, etc.

I have read this thread and seen that the plugin has many improvements contributed to it and it seems that jimbot's post is where the latest version ends up: https://vborg.vbsupport.ru/showpost....&postcount=129

I've followed some instructions in post 127 as well, but I think my problem here is that I simply cannot connect to my LDAP server. My login system on vBulletin does not seem different at all, and is using my traditional "5 attempts" login. So you can imagine when trying this, it gets quite frustrating to have to wait 15 minutes to try logging in again. Every time I am trying new settings nothing changes. I am not sure if I am even connecting to Active Directory. This is what I have currently for settings:

My LDAP settings (having trouble connecting?):
LDAP Server: mydomain.blah.site.com
LDAP Port: xxxx
Anonymous Bind: NO
Bind DN: DOMAIN\username
Bind Password: xxxxxxxxxxx
Naming Attribute: sAMAccountNAme (how does this look, is it first initial + lastname? (e.g. John Doe = jdoe))
Search Base DN: CN=distributionlistname,OU=Distribution Lists,DC=max,DC=blah,DC=site,DC=com
LDAP Attributes: [blank]
Disable vBulletin USers: No
Allow Built-in Accounts: 1 (my admin account id)
Update username: No (I will play with this later)
Disallow disable LDAP logins: Yes
Debug: Yes (in hopes I can see what is wrong! But I don't even see debug output when logging in at the moment)


Any advice as to what works and doesn't work would be helpful. Thank you!

havokit 10-10-2012 04:15 PM
Quote:
Originally Posted by Tweak589 (Post 2369389)
Hello,

I My login system on vBulletin does not seem different at all, and is using my traditional "5 attempts" login. So you can imagine when trying this, it gets quite frustrating to have to wait 15 minutes to try logging in again.
I'm having difficulty too with the latest version 4

Wireshark on your LDAP / AD server can tell you if its hitting your server for authentication.. Use the filter ip.addr==192.168.1.34 or something similar

Also under General Settings turn off (Use Login "Strikes" System) which will remove the 15 minute gap problem!

Hope this helps!

Tweak589 10-10-2012 05:00 PM
Thanks havokit.

Hopefully someone comes along in this thread to resolve our connection issues in 4.2.0 :(. I didn't think a plugin such as this would be incompatible from a few older versions of 4.x. Perhaps it is something to do with the hook(s).

I am not knowledgeable with PHP or any of this, so I am stuck trying to figure this out.

miklr 01-30-2013 07:59 PM
Quote:
Originally Posted by Tweak589 (Post 2372092)
Thanks havokit.

Hopefully someone comes along in this thread to resolve our connection issues in 4.2.0 :(. I didn't think a plugin such as this would be incompatible from a few older versions of 4.x. Perhaps it is something to do with the hook(s).

I am not knowledgeable with PHP or any of this, so I am stuck trying to figure this out.
Tweak589, were you able to get this working? We are also in the process of LDAP implementation.

thanks :confused:

alexm 05-10-2013 12:50 PM
FWIW I've just done an upgrade from 4.1.10 to 4.2.1 and the plugin is still working fine for me!

My settings are:

LDAP Server dcname.domain.com
LDAP Port 389
Anonymous Bind No
Bind DN CN=Account Name,CN=Users,DC=domain,DC=com
Bind Password <password for above account>
Naming Attribute sAMAccountName
Search Base DN DC=domain,DC=com (see my earlier post in this thread about searching sub-OU's)
LDAP Attributes fullName,mail,sAMAccountName,displayname,title,l


All times are GMT. The time now is 06:03 PM.
Page 15 of 15 « First 51314 15
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01231 seconds
  • Memory Usage 1,777KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (9)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete