designbyfront / ldap-authentication-for-expressionengine Goto Github PK

I can't even get the module to show up in EE 2.9. I haven't spent a ton of time trying to resolve yet, but wanted to log this.

I'm having a bit of trouble with this extension.

After installing the extension and enabling it, I get the following error message when a user attempts to login:

A PHP Error was encountered
Severity: Warning
Message: ldap_search() [function.ldap-search]: Search: Operations error
Filename: nce_ldap/ext.nce_ldap.php
Line Number: 332

I have verified that all LDAP settings are correct and that the server is working. Thanks!

Is there a way we can modify this to work with more then one LDAP server?
I am building an Intranet for our company and we have more then one Active Directory that we want to authenticate with.

WHen you update to set the photo filename you stomp all the other photos in the member table. Might want to add a ' where member_id=' clause to that query.

Hi there,
First of, thank you for the work and this extension.
Giving it a first round of test so excuse the ignorance with ldap. It seems that everyone goes fine but the account does not get created in EE...it simply throws EE native message of:
"Invalid username or password"

Thanks again.

Can this extension support secure LDAP (LDAPS) authentication when the authentication server is not on the same network as the system?
What are the steps necessary if LDAPS is possible?

Hi,

in the create_ee_user function around line 294:
$this->EE->db->query('INSERT INTO exp_member_data...
&
$this->EE->db->query('INSERT INTO exp_member_homepage...

Both causes unique DB errors as I think the $this->EE->member_model->create_member now creates the DB entries for you. If I comment them out then new users register fine.

Also in the same function you have hard coded the group_id to be 6, in my particular case the member group_id was 5 - no big deal, but perhaps make it a config option?

Cheers Jon

Is this planned

Something I can hire you to do?

Please advise - we really need Start TLS support

Hi front,

I'm testing this extension and seem to be running into this error:

A PHP Error was encountered

Severity: Notice
Message: Undefined property: EE::$member_model
Filename: nce_ldap/ext.nce_ldap.php
Line Number: 286

Ever seen this? Everything seems to be validating according to the debug output until after Inserting user with data.

Hi,

Is there any reason you can think of why the plugin wouldn't work with OS X server's Open Directory? I'm pretty sure I've got all the settings correct, yet I still get an invalid name/password error on login.

I noticed this extension isn't calling the logger function, and my Control Panel log was full of only log out events so I patched this in the login_authenticate_start function, after the $this->sync_user_details($result); line.

$query = $this->EE->db->query("SELECT member_id FROM exp_members WHERE username ='".$this->EE->db->escape_str($result['username'])."' LIMIT 0, 1");

if ($query->num_rows() > 0)
{
    foreach($query->result_array() as $row)
    {
        $this->EE->session->userdata['member_id'] = $row['member_id'];
        $this->EE->session->userdata['username'] = $this->EE->db->escape_str($result['username']);
    }
}


$this->EE->load->library('logger');
$this->EE->logger->log_action("Logged in via LDAP");

Hi, I installed the LDAP extension on my EE 2.3.1 and I'm trying to test it to see if it works but not sure how to do so? Is there any documentation or info somewhere on how to test this? Any help is appreciated.

Thank you,

Mike

I have extension LDAP authentication version 1.3 on EE 2.10.1 and after I open a website shows me that i'm logged in as another random user who is registered on website.

Please help...
Thanks

After upgrading to EE 2.7 the ldap module will not create new users because its trying to insert a y/n into the ext_members table for a "daylight_savings" column that doesn't exists. I was able to comment out line the "$data['daylight_savings'] = 'n';"

Is this module still active? I'm looking at using it for a project that requires LDAP authentication. But if it is no longer compatible with the latest EE version (2.7 at the moment), that might not be the best plan.

I just installed the LDAP plugin.
I got the settings information from IT and filled them out.
Here are my settings:

Once I update the settings I am not able to log into EE control Panel -- both my Active Directory and ExpressionEngine uname and password aren't working. It just goes to http://myuniversity.edu/admin.php?S=0&D=cp&C=login&M=authenticate and returns server error.

Assuming that the settings are correct, could there be any other reason why this is happening?

Please help..
Muthu

Does the extension remember which group the user has been assigned to (if you assigned him to another than the default member group) or is he assigned to the default group again every time the credentials are compared with the LDAP server information?

I have an issue with the extension not creating new ee user accounts from LDAP when authenticating through a login form in a template or the /member/login template. It works great when using the control panel login. Is there a setting that I'm missing?

Had trouble doing a full domain search on Windows 2003 AD server. Though the ldap_search says it should be doing subtree searches, it did not do so on my setup.

From comments on http://www.php.net/manual/en/function.ldap-search.php

If you add the following options, AD will do the subtree search properly.

ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);

Could these be added as setting options?

I am on EE 2.4 and it looks like one of the functions that this plugin uses has been deprecated. I am seeing the following error being thrown in my developer log

The system has detected an add-on that is using outdated code that may stop working or cause issues with the system. What does this mean?
Deprecated function hash() called in \nce_ldap\ext.nce_ldap.php on line 246.
Deprecated since 2.0. Use Security_helper::do_hash instead.

Any chance this can be patched?

Looks like this add-on may have issues with 2.2, as EL changed the authentication method.

Can you verify?

We have an issue where users that change their password can no longer login to the website using this plugin. They change their password on there primary accounts and subsequently cannot login on our site. My best guess is that the locally created EE user remains with the old password and the LDAP check is never made so they can no longer login in.

Any way to address this?

After switching this extension on I was expecting to see users pre-registered under member group 5 (default for the extension). Either the config/settings aren't quite right or I'm missing something. What would the next steps be after enabling the extension?

Thanks in advance.