FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum Development » Plugins and Code Hacks » LDAP Plugin Enhancements (Updated!)
Show: Today's Messages :: Unread Messages :: Polls :: Message Navigator
| Unsubscribe from topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
LDAP Plugin Enhancements (Updated!) [message #166921] Wed, 28 March 2012 09:13 Go to next message
Multitool is currently offline  Multitool   United Kingdom
Messages: 47
Registered: February 2012
Karma: 1
Member
add to buddy list
stop ignoring messages by this user
Hi all,

OK, updates to this as follows.

I'm not the world's greatest programmer, and I know next to nothing about PHP, but this seems to work for my application. Comments and criticisms would be gratefully received!

Summary of changes:

• Changed to use LDAP URLs instead of servername/port. This allows use of LDAPS (LDAP over SSL).
• Allow forum user details (email address, real name, alias) to be set from attributes retrieved from LDAP server.
• Always update email/name/alias with current info from LDAP server at each login (if enabled).
• If the user doesn't already exist, check whether an existing user has the same email address (as retrieved from LDAP) as the user trying to log in. If an existing user with the same email address is present, change the login of that user to the login of the user logging in, and update the name/alias with details from the LDAP server. (This should ensure that posts imported from NNTP are assigned to the correct user, even if that user has never logged in to the forum before, and also avoids duplicate email address problems.)

(I also reinstated the password synchronisation, as this seems to be required for reasons I don't understand.)

As mentioned above, it's probably not the most efficient piece of code ever written, but it seems to work for me Smile

Hope it's useful to others.


[Updated on: Thu, 29 March 2012 15:49]

Report message to a moderator

Re: LDAP Plugin Enhancements (Updated!) [message #166963 is a reply to message #166921] Tue, 10 April 2012 08:45 Go to previous messageGo to next message
naudefj is currently offline  naudefj   South Africa
Messages: 3772
Registered: December 2004
Karma: 28
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
Thanks for the heads-up.

To add this to the next release, we need:

1. Patch (diff of your changes).

2. Upgrade procedure for sites still using servername/port.
Re: LDAP Plugin Enhancements (Updated!) [message #167108 is a reply to message #166963] Thu, 26 April 2012 15:13 Go to previous messageGo to next message
Multitool is currently offline  Multitool
Messages: 47
Registered: February 2012
Karma: 1
Member
add to buddy list
stop ignoring messages by this user
I didn't really plan for it to be included in the next release, as some of the extra options are quite installation-specific, and the code probably isn't robust.

But if you really want to include it, I'll do a diff of the changes Smile

Upgrade procedure should be easy, as a URL can be derived from servername/port - it's just LDAP://<servername>:<port>/ Wink
Re: LDAP Plugin Enhancements (Updated!) [message #167111 is a reply to message #167108] Fri, 27 April 2012 04:11 Go to previous messageGo to next message
naudefj is currently offline  naudefj   South Africa
Messages: 3772
Registered: December 2004
Karma: 28
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
Multitool wrote on Thu, 26 April 2012 21:13
But if you really want to include it, I'll do a diff of the changes Smile


Would be great if you don't mind.
Message by andy_scouser is ignored  [reveal message]  [reveal all messages by andy_scouser]  [stop ignoring this user] Go to previous messageGo to next message
Re: LDAP Plugin Enhancements (Updated!) [message #167910 is a reply to message #166921] Thu, 08 November 2012 08:25 Go to previous messageGo to next message
Multitool is currently offline  Multitool   United Kingdom
Messages: 47
Registered: February 2012
Karma: 1
Member
add to buddy list
stop ignoring messages by this user
Incidentally, if anyone is having problems getting LDAPS (LDAP over SSL) to work properly, but normal LDAP works, I found that deleting the "plugin_cache" file from FUDforum's cache directory fixed the problem.

Hope this helps.
Aw: LDAP Plugin Enhancements (Updated!) [message #168747 is a reply to message #166921] Fri, 12 July 2013 12:13 Go to previous message
captain picard is currently offline  captain picard   Austria
Messages: 15
Registered: March 2013
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
hi,

thanks for the plugin!

i've added a tweak to get out a nice ALIAS (it's easier to find users in this environment when username and real-name is displayed in usergroup-lists - REQUIRES 'use aliases'-setting in general settings), from our ugly AD-Names like "SURENAME Gname" automatically:

on adding the user:

//not sure about the 1st line but i changed it in case of weird chars given at the ldap-server
$uent->login = _esc($login);
$uent->name = ucwords(strtolower($info[0]['cn'][0]));
$uent->alias = _esc($login)." (".ucwords(strtolower($info[0]['cn'][0])).")";


and on syncing the following: - ALIAS = username (Surename Gname)
    // Sync user details, if enabled

    if (!empty($ini['LDAP_EMAIL'])) {
      q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET email='. _esc($info[0][ $ini['LDAP_EMAIL'] ][0]) .' WHERE login='. _esc($login));
    }
    
     //wl: 20130706 David Kikl - Names + Alias style: "netxxx (Surename Gname)"
    if (!empty($ini['LDAP_NAME'])) {
      q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET name='. _esc(ucwords(strtolower($info[0][$ini['LDAP_NAME']][0]))) .' WHERE login='. _esc($login));
    }
    if (!empty($ini['LDAP_ALIAS'])) {
      q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login));
      
      #dbg('REFRESH_ALIAS: UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login));
    }//else dbg("REFRESH_ALIAS: empty ALIAS?");


for the editing mask below i just mentioned the code i've inserted:
<p>HARDCODED LDAP Attributes for forum user alias:<br />
<b>username (Surename Gname)</b> (<- SURENAME GnAmE / surename GNAME / ect.)<br />
(wl/dk alias)</p>

<p>HARDCODED LDAP Attributes for forum user real name:<br />
<b>Surename Gname</b> (<- SURENAME GnAmE / surename GNAME / ect.)<br />
(wl/dk alias)</p>


i tried to get aroud some debugging troubles for using the fud-forum default debugging-functionality see post http://fudforum.org/forum/index.php?t=msg&goto=168746&#msg_168746

cheers david

[Updated on: Fri, 12 July 2013 12:16]

Report message to a moderator

Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: fudforum debugging output >>File
Next Topic: Adding References: header to mailing list emails
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Dec 05 21:16:33 EST 2024

Total time taken to generate the page: 0.04307 seconds