LDAP Plugin Enhancements (Updated!) [message #166921] |
Wed, 28 March 2012 09:13 |
|
Hi all,
OK, updates to this as follows.
I'm not the world's greatest programmer, and I know next to nothing about PHP, but this seems to work for my application. Comments and criticisms would be gratefully received!
Summary of changes:
• Changed to use LDAP URLs instead of servername/port. This allows use of LDAPS (LDAP over SSL).
• Allow forum user details (email address, real name, alias) to be set from attributes retrieved from LDAP server.
• Always update email/name/alias with current info from LDAP server at each login (if enabled).
• If the user doesn't already exist, check whether an existing user has the same email address (as retrieved from LDAP) as the user trying to log in. If an existing user with the same email address is present, change the login of that user to the login of the user logging in, and update the name/alias with details from the LDAP server. (This should ensure that posts imported from NNTP are assigned to the correct user, even if that user has never logged in to the forum before, and also avoids duplicate email address problems.)
(I also reinstated the password synchronisation, as this seems to be required for reasons I don't understand.)
As mentioned above, it's probably not the most efficient piece of code ever written, but it seems to work for me
Hope it's useful to others.
[Updated on: Thu, 29 March 2012 15:49] Report message to a moderator
|
|
|
|
Re: LDAP Plugin Enhancements (Updated!) [message #167108 is a reply to message #166963] |
Thu, 26 April 2012 15:13 |
|
I didn't really plan for it to be included in the next release, as some of the extra options are quite installation-specific, and the code probably isn't robust.
But if you really want to include it, I'll do a diff of the changes
Upgrade procedure should be easy, as a URL can be derived from servername/port - it's just LDAP://<servername>:<port>/
|
|
|
|
|
|
Aw: LDAP Plugin Enhancements (Updated!) [message #168747 is a reply to message #166921] |
Fri, 12 July 2013 12:13 |
|
hi,
thanks for the plugin!
i've added a tweak to get out a nice ALIAS (it's easier to find users in this environment when username and real-name is displayed in usergroup-lists - REQUIRES 'use aliases'-setting in general settings), from our ugly AD-Names like "SURENAME Gname" automatically:
on adding the user:
//not sure about the 1st line but i changed it in case of weird chars given at the ldap-server
$uent->login = _esc($login);
$uent->name = ucwords(strtolower($info[0]['cn'][0]));
$uent->alias = _esc($login)." (".ucwords(strtolower($info[0]['cn'][0])).")";
and on syncing the following: - ALIAS = username (Surename Gname)
// Sync user details, if enabled
if (!empty($ini['LDAP_EMAIL'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET email='. _esc($info[0][ $ini['LDAP_EMAIL'] ][0]) .' WHERE login='. _esc($login));
}
//wl: 20130706 David Kikl - Names + Alias style: "netxxx (Surename Gname)"
if (!empty($ini['LDAP_NAME'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET name='. _esc(ucwords(strtolower($info[0][$ini['LDAP_NAME']][0]))) .' WHERE login='. _esc($login));
}
if (!empty($ini['LDAP_ALIAS'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login));
#dbg('REFRESH_ALIAS: UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login));
}//else dbg("REFRESH_ALIAS: empty ALIAS?");
for the editing mask below i just mentioned the code i've inserted:
<p>HARDCODED LDAP Attributes for forum user alias:<br />
<b>username (Surename Gname)</b> (<- SURENAME GnAmE / surename GNAME / ect.)<br />
(wl/dk alias)</p>
<p>HARDCODED LDAP Attributes for forum user real name:<br />
<b>Surename Gname</b> (<- SURENAME GnAmE / surename GNAME / ect.)<br />
(wl/dk alias)</p>
i tried to get aroud some debugging troubles for using the fud-forum default debugging-functionality see post http://fudforum.org/forum/index.php?t=msg&goto=168746&#msg_168746
cheers david
[Updated on: Fri, 12 July 2013 12:16] Report message to a moderator
|
|
|