LDAP Authentication 1.01
I updated the plugin this evening to use some cleaner CSS by importing an external sheet instead of using inline styles, and also fixed a debugging tool that got left in accidentally. I wasn’t seeing the error messages, but for some reason another user was. Weird. Either way the extra debug code is gone now, and the errors have disappeared.
Get it while the getting is good.
WordPress LDAP Authentication 1.01
Update
I don’t have time to maintain this anymore, but there’s lots of good info on the comments both for this post and Wordpress, LDAP, and Play Nicely.
May 11th, 2005
Pat - your tool looks great! I downloaded it and plugged it in to my WordPress installation, but I cannot seem to authenticate anybody. I tried with a username and password I know exists on my LDAP (actually AD) system and made sure there was a matching user in WordPress. Perhaps I am specifying the search DN wrong. I put it in the same way my ColdFusion setup uses it, but maybe it is expecting it differently. Do have an example of how the page should be filled out before I really start ripping into the code?
If I get around to adding code to auto-add users, I will send it back to you, of course.
Thanks
June 21st, 2005 at 4:21 am
Depending on your LDAP server’s setup, you may need to change the value that the plugin searches for when authenticating a user. Ours looks for the uid of a user, I believe the original LDAP plugin looked for something different. That really should be an option, but I’m somewhat lazy. If you need to change that, it’s on line 36 of ldap/ldap_ro.php in your plugins directory.
Here’s a sample options setup
Server Address: ldap.organization.com
Search DN: ou=People,dc=organization,dc=com
User DN: cn=admin,dc=organzation,dc=com
Notice that this is entirely subjective, and you may have a very different setup. Unfortunately, I found LDAP somewhat tricky to wrap my head around (still do) so I’m not the best troubleshooter around. Also, make sure that whatever user you use for doing the searching has proper permissions to do so. That bit me in the ass for a while when trying to set up Alistair’s original version of the LDAP authentication.
June 21st, 2005 at 9:27 am
I was able to get this working with our Microsoft Active Directory setup with a few modifications as follows:
In ldap/ldap_ro.php on lines 36 and 91 (at least in my copy) I changed “uid” to “samaccountname”. I don’t know if this is standard with Active Directory or not, but it works here. In case people are curious here are two of my LDAP options:
Search DN: CN=users,DC=glc,DC=local
User DN: CN=Kyle Mulka,CN=users,DC=glc,DC=local
Of course, you’ll have to adjust those for your own setup. I just used my own DN and password to look things up. Since I don’t have control of the AD/LDAP server, I can’t create a new user.
I would really like to see this plugin automatically register users upon first login to the system without any intervention from the user. If I figure out how to do that, I’ll try remember to let you know.
Also, you might want to change the name of the password field to Password instead of LDAP Server. No biggy.
July 7th, 2005 at 11:42 am
Add the following code to ‘ldap_auth.php’ to remove password fields where they are not needed after enabling LDAP.
ldap_auth.php (excerpt)
September 14th, 2005 at 10:12 pm
Our LDAP-server currently allows anonymous searching. However, I noticed that your plugin requires the ‘User DN’ -option (or
ldapServerCN) to be specified. So, I wanted to be able to leave the ‘User DN’ attribute empty.Two modifications to the code made it possible. In
LDAP->Dock:if ($this->dn && !$this->Bind()) { …and in
LDAP->Search:if (($this->connection_handle) && ($this->search_dn)) { …September 15th, 2005 at 12:43 am
How’s the status of the LDAP plugin Tivac? I think we’re going to try WordpressMU at some point and your plugin screen will be essential. Have you had any luck getting it accepted by WPMU?
People have asked me about ActiveDirectory. The code as it stands won’t work with AD as it needs 128bit SSL and base64 encoded passwords but I’m working on that.
If I can help with documentation for your LDAP options on the screen please feel free to ask!
Looking good
Alistair
September 15th, 2005 at 2:54 am
Pat, while installing your plugin for Wordpress 1.5.2, I found that logout caused a fatal php error, something like “class LDAP_ro inherits undefined class LDAP”.
The solution was to edit ldap_auth.php, and add the line:
require_once(”ldap/ldap_core.php”);
before the line
require_once(”ldap/ldap_ro.php”);
That fixed it.
October 18th, 2005 at 12:51 pm
Actually, it would seem that this plugin isn’t working at all with Wordpress 1.5.2.
I am using iPlanet Directory Server for authentication, which supports LDAP version 2 and 3, and testing with known users and passwords in my directory, and I’m just getting the message “Wrong Login” when I know that the passwords are correct and that the users exist.
My LDAP Options are:
LDAP Server: ldap.example.com
Search DN: ou=people,o=examples,dc=example,dc=com
User DN: blank, anonymous
LDAP Server: blank
I tried making Jarkko’s modifications (above) for anonymous searching, but they have not changed anything.
Any ideas?
October 18th, 2005 at 1:08 pm
I’ve installed your LDAP plug-in to my WP System,But I don’t know whether LDAP Authentic has problems or not….
Is there any method to know the connection status?
October 25th, 2005 at 1:39 am
besthand: check the debug mode and watch your openldap logfiles. there should be any errors that could occur during the authentication.
December 2nd, 2005 at 9:53 am
Great stuff…
Any plans for WordPress 2.x support yet?
July 29th, 2006 at 11:44 am
Thanks for the plugin,
Does any one know whether this works with WordPress 2.1?
Cheers,
Sudar
February 8th, 2007 at 8:49 am
yeah, I’d really like to know if it can work with Wordpress 2.1! I’m having some trouble with the install on it at the moment
March 1st, 2007 at 4:30 am
Anyone get this working with wpmu 1.21?
May 23rd, 2007 at 9:13 am
[...] installed and released a version of WPMU, making use of the nice WPMU LDAP plugin. A good deal of people before me have worked on this, sometimes with several instances of individual releases, and [...]
May 24th, 2007 at 3:11 pm
Here’s a link to a link for the wpDirAuth.php_1.3 patch via which I was able to get wordpress 2.5.1 to successfully authenticate users from my openladp directory:
http://blog.gadodia.net/ldap-authentication-in-wordpress/
July 19th, 2008 at 4:38 pm