SIDEBAR
»
S
I
D
E
B
A
R
«
Elgg (Old Version 0.9) LDAP Authentication Working
February 28th, 2008 by Andrew Chlup

Elgg 1.1 LDAP info can be found here.

It turns out that getting the LDAP authentication working with Elgg was very easy.

All you need to do is look in the “home/auth/ldap” folder, where you will find “lib.php”. This file gives you basic directions on setting up LDAP authentication. I followed the following steps:

  1. Copy lines 18-43 of “home/auth/ldap/lib.php” and paste them below line 10 in “home/config.php”.
  2. Next you need to clean up the code by removing all of the asterisks. There are also several places where semicolons are missing, so put them at the end of line where they are missing. When your done it should look something like this:

    // Authentication set to LDAP
    $CFG->auth = ‘ldap’;

    // LDAP Authentication parameters
    // LDAP host
    $CFG->ldap_host = ‘your.domain.com’;
    // LDAP port
    $CFG->ldap_port = 389;
    // Base DN – can be string or array of string for multiple DNs
    $CFG->ldap_basedn = ‘cn=users,dc=your,dc=domain,dc=com’;
    // Protocol version
    $CFG->ldap_protocol_version = ’3′;
    // Filter for username, common are cn, uid or sAMAccountName
    $CFG->ldap_filter_attr = ‘uid’;
    // Search attibutes: associative array with the key being the attribute
    // description, and the value being the actual LDAP attribute. firstname
    //lastname and mail are used to create the elgg user profile. The
    //example below works for ActiveDirectory.
    $CFG->ldap_search_attr = array(‘firstname’ => ‘givenName’,
    ‘lastname’ => ‘sn’,
    ‘mail’ => ‘mail’);
    // Create user, relies on the givenname, sn, and email attributes for now
    $CFG->ldap_user_create = true;
    // Fallback option, try internal authentication if everything fails
    $CFG->ldap_internal_fallback = true;

  3. Use your domain information instead of “your.domain.com” and make appropriate adjustments to “$CFG->ldap_search_attr” if you are using non-standard LDAP attributes.
  4. Als0, you will need to use a couple of additional lines of code if you require a password to bind to your directory. These are found in the “home/auth/ldap/lib.php” file.
  5. It should now work!

Now the only thing that is bugging me is that default name is your surname. But that should be easy enough to fix. This was done on a xServe G4 running OS X Server 10.4.9, running entrophy php 5.2.4.


2 Responses  
  • ravi writes:
    March 24th, 20099:09 amat

    Andrew,

    thanks for the above info. I just installed Elgg and was hoping to integrate it with my LDAP directory.

    –ravi

    P.S: It was a pleasant surprise to click on the link to your site in Google and find that you are using Ahimsa for WP! ;-)

          Reply  
    • Andrew Chlup writes:
      April 28th, 20095:26 pmat

      The pleasure is mine. I’m glad I could help. I love your template.

      I just started looking at CSS 3 specs when I first encountered it.

            Reply  


Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
»  Substance:WordPress   »  Style:Ahren Ahimsa