I am using vbulletin for a long time now and before there was the plugin system introduces i hacked every single version of vb to enable ldap authentication. with the introduction of the plugin system i have written a little plugin that works in every version since VBulletin 3.5. This Plugin is the buyable VBulletin Ligh Authentication from http://www.sartori.at. now its FREE.
Since its working and i will not enhance this small plugin anymore, i will make it public. If there are any enhancements, i can put it into my versioning system and update this plugin.
In contrast to the ldap authentication from zemic my board can authenticate against every - already deployed - ldap directory without changeing the encryption type.
If the ldap user is not added in the VBulletin database, the user is automatically added the first time he authenticates against the ldap. if the user already exists then nothing is changed, except the authentication against the directory.
in the admin or moderator panel no user is authenticated against the directory.
Requirements
php with ldap support
Installation Notes:
copy ldapAuth directory to your vb forum installation directory
change the path to controller.php directory in ldap-plugin.xml
copy the hooks_ldap.xml to FORUM_ROOT/inclucdes/xml directory
in login.php search for:
PHP Code:
if ($vbulletin->GPC['vb_login_username'] == '')
{
eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], ....
}
activate plugin system (if not done already) in admincp
in admin cp import the product at "Download / Upload" Plugins
in global.php search for:
PHP Code:
$show['nopasswordempty']
and change:
PHP Code:
defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;
to:
PHP Code:
defined('DISABLE_PASSWORD_CLEARING') ? 0 : 1;
configure the ldap settings in: ldapconfig.inc.php
test the product
Additional Notes:
If you are running a Microsoft Active Directory as Ldap server you have to change some settings to allow anonymous queries. This is described at Novell and Microsoft
I would be happy if you support my modification in any way. Install or nominate it or donate some cents at paypal.
Hi
I tried this plugin and followed the instructions but I get the following error:
Warning: ldap_search() [function.ldap-search]: Search: No such object in /ldapAuth/controller.php on line 37
Warning: ldap_get_entries(): supplied argument is not a valid ldap result resource in /ldapAuth/controller.php on line 38
I'm not technical at all - but line 37 in the code is this:
36: // search for the username and get the DN
37: $searchDn=ldap_search($ldapConnection,$ldapBase,$l dapFilter);
38: $searchResult=ldap_get_entries($ldapConnection,$se archDn);
Can any one offer some help as to how I can fix this. I would really like to get this working. We want touse VB within our intranet and LDAP is used extensively.
i dont have an working vb installation at home, but that should do fine. now if you login, you should see your password in plaintext in the debug output file. if this is not your password, please check all the installation steps.
[S]I set up vBulletin with the usual "Admin" account. After adding the hack, I logged in as myself with my LDAP ID - which automagically created my user ID in the user database. Then I logged on as Admin again gave my user ID administrative permissions. (I'll be wanting to give a couple of other users subsets of admin privledges as well).
Well, what happens is that I can not log into the Admin CP with my LDAP ID.
* I can log into the forums with my LDAP ID just fine.
* And I can log into the Admin CP with 'Admin' just fine.
* But I can't log into the Admin CP with my LDAP ID.
* And I can't log into the forums with 'Admin'.
My theory here is that there is a different log-in process for the Admin CP and it is trying to verify my password against the vBulletin database.
Familiar with this problem? Am I just missing something?[/S]
Nevermind! Missed the comment in the description that says LDAP is not used for the admin or moderation control panels. That's not going to work for me. I need it to check the LDAP directory and the database in all cases. I will settle for just checking LDAP, but would rather it check both.
Sounds like I need to do some digging.
just comment out the following code:
PHP Code:
// if login form is admin or moderator login, dont use ldap authentication
if(($vbulletin->GPC['logintype'] == "cplogin") || ($vbulletin->GPC['logintype'] == "modcplogin"))
{
return;
}