Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 01-21-2008, 06:28 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Active Directory Authentication

Does anyone know of a hack for implementing active directory authentication on a vBulletin forum? I've done a lot of searching and all I can find is a couple of LDAP ones.

Any help would be greatly appreciated.
Reply With Quote
  #2  
Old 01-31-2008, 11:09 AM
Zebra Zebra is offline
 
Join Date: Sep 2007
Posts: 12
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

We are looking also for this.. I think there is a market for it...
Reply With Quote
  #3  
Old 01-31-2008, 05:25 PM
cheesegrits's Avatar
cheesegrits cheesegrits is offline
 
Join Date: May 2006
Posts: 500
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I've actually been researching this recently. The problem is that by default AD stores the users password in simple unicode representation of the cleartext password. But vB MD5 hashes the password in the browser before sending it to login.php.

I think if you install Services for UNIX (SFU) on your AD, it can be configured to keep an MD5 hashed password in a new msSFU30password field. However, to retireve and compare this attribute you would have to use LDAPS rather than LDAP, i.e. configure a cert on your AD.

Anyway, I'll update this thread as and when I make any progress on this.

An alternative would be to build a mod which uses SAMBA's ntlm_auth or winbind mechanisms. Again, more news if I make any progress on that.

-- hugh
Reply With Quote
  #4  
Old 02-04-2008, 08:46 AM
Zebra Zebra is offline
 
Join Date: Sep 2007
Posts: 12
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

We don't use UNIX etc. only windows with AD. But we hope that we find something.
Otherwise VB is exit..
Reply With Quote
  #5  
Old 02-04-2008, 04:15 PM
cheesegrits's Avatar
cheesegrits cheesegrits is offline
 
Join Date: May 2006
Posts: 500
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well the "Services For UNIX" on the AD doesn't imply that you have to be running UNIX. What it does is add some functionality to the underlying LDAP store that makes it easier for non-Windows apps to play in the same LDAP sandbox. Specifically, it gives you the option of storing a copy of the windows password in MD5 hashed format, which solves the problem I outlined above.

-- hugh
Reply With Quote
  #6  
Old 05-06-2008, 03:13 PM
malcolmx malcolmx is offline
 
Join Date: May 2003
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

to make it short. you can authenticate against active directory with ldap. Active directory is an ldap server with some extensions. so MS did the same as usual. take existing ideas, add something new and start the marketing..

i wrote an ldap plugin, which is available here. if you have any questions regarding this topic, do not hesitate to contact me.
https://vborg.vbsupport.ru/showthread.php?t=148573


maybe i did not understand the question? when authenticating it doesnt matter if the password is md5, sha or any other hash.

-malc
Reply With Quote
  #7  
Old 06-12-2008, 11:48 PM
dellusionaldude dellusionaldude is offline
 
Join Date: Mar 2008
Posts: 5
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks, MalcolmX. Is this available for vb 3.7?
Reply With Quote
  #8  
Old 03-08-2010, 03:20 PM
toscodav toscodav is offline
 
Join Date: Mar 2010
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

With this Plugin, Does the user still have to enter the username and Password?
We are looking for a single sign-on solution where the user is auto logged in when they log
into their PC.


Quote:
Originally Posted by malcolmx View Post
to make it short. you can authenticate against active directory with ldap. Active directory is an ldap server with some extensions. so MS did the same as usual. take existing ideas, add something new and start the marketing..

i wrote an ldap plugin, which is available here. if you have any questions regarding this topic, do not hesitate to contact me.
https://vborg.vbsupport.ru/showthread.php?t=148573


maybe i did not understand the question? when authenticating it doesnt matter if the password is md5, sha or any other hash.

-malc
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:38 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04588 seconds
  • Memory Usage 2,224KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete