Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vBulletin Ldap Authentication Plugin Details »»
vBulletin Ldap Authentication Plugin
Version: 1.00, by malcolmx malcolmx is offline
Developer Last Online: Mar 2020 Show Printable Version Email this Page

Category: Integration with vBulletin - Version: 3.6.10 Rating:
Released: 05-30-2007 Last Update: Never Installs: 44
Uses Plugins
Re-useable Code Code Changes Additional Files Translations  
No support by the author.

I am using vbulletin for a long time now and before there was the plugin system introduces i hacked every single version of vb to enable ldap authentication. with the introduction of the plugin system i have written a little plugin that works in every version since VBulletin 3.5. This Plugin is the buyable VBulletin Ligh Authentication from http://www.sartori.at. now its FREE.

Since its working and i will not enhance this small plugin anymore, i will make it public. If there are any enhancements, i can put it into my versioning system and update this plugin.

In contrast to the ldap authentication from zemic my board can authenticate against every - already deployed - ldap directory without changeing the encryption type.

If the ldap user is not added in the VBulletin database, the user is automatically added the first time he authenticates against the ldap. if the user already exists then nothing is changed, except the authentication against the directory.

in the admin or moderator panel no user is authenticated against the directory.

Requirements
  • php with ldap support

Installation Notes:
  1. copy ldapAuth directory to your vb forum installation directory
  2. change the path to controller.php directory in ldap-plugin.xml
  3. copy the hooks_ldap.xml to FORUM_ROOT/inclucdes/xml directory
  4. in login.php search for:
    PHP Code:
    if ($vbulletin->GPC['vb_login_username'] == '')
             {
              eval(
    standard_error(fetch_error('badlogin'$vbulletin->options['bburl'], ....
             } 
    insert below:
    PHP Code:
    ($hook vBulletinHook::fetch_hook('ldap_login_hook')) ? eval($hook) : false
  5. activate plugin system (if not done already) in admincp
  6. in admin cp import the product at "Download / Upload" Plugins
  7. in global.php search for:
    PHP Code:
    $show['nopasswordempty'
    and change:
    PHP Code:
    defined('DISABLE_PASSWORD_CLEARING') ? 0
    to:
    PHP Code:
    defined('DISABLE_PASSWORD_CLEARING') ? 1
  8. configure the ldap settings in: ldapconfig.inc.php
  9. test the product


Additional Notes:
If you are running a Microsoft Active Directory as Ldap server you have to change some settings to allow anonymous queries. This is described at
Novell and Microsoft


I would be happy if you support my modification in any way. Install or nominate it or donate some cents at paypal.

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #82  
Old 06-20-2008, 12:52 PM
kraj kraj is offline
 
Join Date: Dec 2007
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello there,
first: Thank you very much for this plugin. It's quite useful

But I've got a problem. I just wanted to authenticate the admins against the LDAP, too, and tried the hint to comment out the following part:

PHP Code:
if(($vbulletin->GPC['logintype'] == "cplogin") || ($vbulletin->GPC['logintype'] == "modcplogin"))
{
    return;

Now trying to login with the LDAP-credentials the user gets redirected to the 'badlogin'-Message - so no authentication against the LDAP is done.

The normal password - which worked before this change - does not work any more [what is quite logical ]...

Can anyone help, please?
Thanks a lot in advance!
Reply With Quote
  #83  
Old 07-25-2008, 05:18 PM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm having trouble getting logged in. This, like another user here, is critical to a program we are working on internally.

++ -------- START -------- ++
++ LoginType: Normal Login
++ LdapFiler: (cn=test)
++ LdapServer: connection successful
++ presearch /t Resource id #22,cn=test,cn=users,DC=pmac,DC=internal,(cn=test)
++ LdapSearch: there is no such user in the directory

I get that in the debug. I've also based the search base just dc=pmac,dc=internal and placed the "test" user up in the top of the domain.

The username is "test" and the cn is also test (according to ldp.exe).

I get a word that there is a connection with no problem, but that the user does not exist.

Weird. Any help is greatly appreciated.
Reply With Quote
  #84  
Old 07-26-2008, 09:06 AM
malcolmx malcolmx is offline
 
Join Date: May 2003
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by randycarroll View Post
++ presearch /t Resource id #22,cn=test,cn=users,DC=pmac,DC=internal,(cn=test)

the dn is not right. that ,(cn=test) seems really wrong. what is the full dn to your user? (maybe ldp.exe show it). please post the content of the ldap config file (from my module).

-malc
Reply With Quote
  #85  
Old 07-28-2008, 03:33 PM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Expanding base 'CN=test,DC=pmac,DC=internal'...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn: CN=test,DC=pmac,DC=internal
4> objectClass: top; person; organizationalPerson; user;
1> cn: test;
1> description: leave me for randyc;
1> givenName: test;
1> distinguishedName: CN=test,DC=pmac,DC=internal;

There is a snippet of the ldp.exe results.

this is only a test account I'm trying this with.
Reply With Quote
  #86  
Old 07-28-2008, 10:39 PM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Also, here is some more info:
Warning: ldap_search() [function.ldap-search]: Search: Operations error in [path]/ldapAuth/controller.php on line 49

Warning: ldap_get_entries(): supplied argument is not a valid ldap result resource in [path]/ldapAuth/controller.php on line 50

That is the debug controller.php. I turned on PHP debugging for the server, so now it is spitting hte errors out.
Reply With Quote
  #87  
Old 07-30-2008, 03:56 PM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

bump -- anyone able to shine some light?
Reply With Quote
  #88  
Old 07-31-2008, 12:13 AM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is it possible to use both this and the built in database?

We want both our employees and outside users to be able to sign up and use this service.
Reply With Quote
  #89  
Old 07-31-2008, 04:11 AM
malcolmx malcolmx is offline
 
Join Date: May 2003
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by randycarroll View Post
Expanding base 'CN=test,DC=pmac,DC=internal'...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn: CN=test,DC=pmac,DC=internal
4> objectClass: top; person; organizationalPerson; user;
1> cn: test;
1> description: leave me for randyc;
1> givenName: test;
1> distinguishedName: CN=test,DC=pmac,DC=internal;

There is a snippet of the ldp.exe results.

this is only a test account I'm trying this with.
as you see, you have another DN here as in your first post:
Code:
cn=test,cn=users,DC=pmac,DC=internal,(cn=test)
please post me the ldap config as i asked some days ago.

thanks

-malc
Reply With Quote
  #90  
Old 07-31-2008, 04:12 AM
malcolmx malcolmx is offline
 
Join Date: May 2003
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by randycarroll View Post
Is it possible to use both this and the built in database?

We want both our employees and outside users to be able to sign up and use this service.
you need to modify the plugin then:
search for the ldap user (if not found) -> make internal auth

-malc
Reply With Quote
  #91  
Old 07-31-2008, 06:55 AM
randycarroll randycarroll is offline
 
Join Date: Sep 2003
Location: SoCal
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

MalcomX,

Sorry to have bugged this month. After two days of constant tweaking, I've made a change to the script.

My final problems lie here:
At the end of controller.php when it calls upon function_login.php from VB, it is giving errors about missing arguments. I get these, however, I can still login no problem. Essentially, if I shut off verbose error reporting, I can use this script error free :-).

Do you want a copy of the changes I've made? For whatever reason, before ldap_search I had to ldap_bind with a username/password in order to be able to search below the base of the tree.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:34 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05128 seconds
  • Memory Usage 2,330KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (6)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete