[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ajaXplorer and slx-ldap



Hi,

and thank you Mike, now it works. Below summarized the settings, if some one is interest in using ajaXplorer:

Put the following as entry into the array $PLUGINS in <ajaXplorerdir>/conf/bootstrap_plugins.php:

...
"AUTH_DRIVER" => array(
        "NAME" => "ldap",
        "OPTIONS" => array(
            "LDAP_URL" => 'ldaps://ldap',
"LDAP_USER" => 'cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no',
            'LDAP_PASSWORD' => '<tjenerPasswort>',
            "LDAP_DN" => 'ou=People,dc=skole,dc=skolelinux,dc=no',
            "LOGIN_REDIRECT" => false,
            "AUTOCREATE_AJXPUSER" => true,
            "TRANSMIT_CLEAR_PASS" => true,
            "LDAP_FILTER" => "objectClass=posixAccount",
            "LDAP_USERATTR" => 'uid'
        )
  ),
...

All in all you see "TRANSMIT_CLEAR_PASS" => true. If you set it to false, it doesn't work. I don't no why, but the corresponding code is


if($this->getOption("TRANSMIT_CLEAR_PASS") === true){ // Seed = -1 means that password is not encoded.
                return ($userStoredPass == md5($pass));
            }else{
                return (md5($userStoredPass.$seed) == $pass);
            }


Someone an idea?

Martin



Am 05.05.2012 19:34, schrieb Mike Gabriel:
Hi Martin,

not sure about the settings for lenny (have never installed a lenny tjener)... But from what I have seen in the old Debian Edu lenny code...

On Fr 04 Mai 2012 19:28:42 CEST Martin Schulte wrote:

Hi,

i'm trying to setup ajaXplorer ( http://ajaxplorer.info/ ) on a (still) lenny based skolelinux server. ajaXplorer comes with an ldap plugin. To get an ldap authentication i've to set this variables ( description is here: http://ajaxplorer.info/plugins/auth/ldap/#tabs-2 )

        "LDAP_URL" => 'ldaps://10.0.2.2',
"LDAP_USER" => 'cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no',

cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no (?)

        'LDAP_PASSWORD' => 'mySecretPassword',

<tjener's-root-password>

        "LDAP_DN" => 'ou=People,dc=skole,dc=skolelinux,dc=no',
        "LOGIN_REDIRECT" => false,
        "AUTOCREATE_AJXPUSER" => false,

you might want auto creation to be enabled...

        "TRANSMIT_CLEAR_PASS" => true,

really???

        "LDAP_FILTER" => "objectClass=uid"

This is definitely wrong. It has to be ,,objectClass=posixAccount''*

        "LDAP_USERATTR" => 'samaccountname'

This smells like Adtive Directory stuff... not appropriate for Debian Edu / OpenLDAP. Use ,,uid'' as LDAP_USERATTR instead.

Greets,
Mike



Reply to: