Jump to:

10931 Posts in 2614 Topics by 1810 members

All other Modules

SilverStripe Forums » All other Modules » Auth_External LDAP

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1420 Views
  • Sullivanindy
    Avatar
    Community Member
    7 Posts

    Auth_External LDAP Link to this post

    Hi,

    I have LDAP authentication working fine, against Novell eDirectory.. I was try to vary user roles based on description of the user in eDir, it works fine for a new user, based on the description they will be placed in the appropriate group, problem is if i try to change the description to .. say promote the user to a different role, it fails because a user with that email already exists.. is the a way that if users exists and group is different to just update group in the CMS?

    Thanks,

    Mark-

  • Sullivanindy
    Avatar
    Community Member
    7 Posts

    Re: Auth_External LDAP Link to this post

    Ok, I upgraded to the latest svn version, which now uses UseAnchor , but still no luck.. It is supposed to now .. if user exists update attributes, but fails after checking the first source and not finding a match, so i try to set ExternalAuthentication::setUseAnchor('true'); but un remarking that line at all causes a white screen.. I can go into the ExternalAuthenticator.php and force the default to true which gives me the drop down for users sources.. and will allow login when choosing the correct source but does not update the autoadd group...

    Maybe I should state what I am looking for..

    I want to have multiple ldap sources with in the same ldap directory, by with OU, or groupmembership, or what ever.. then depending on which source succeeds on auth, a different level of silverstripe group would get set..

    ie.. user found thats found in ou=users and is in the ldap group webAdmin gets added to the SS administrators group, and if a users id found in ou=users and is in the ldap group webEditor gets added to a SS Editors group.. then if i take the users out of one group and put into the other, the auth should still succedd and the SS group should get updated..

    Mark-

  • Sullivanindy
    Avatar
    Community Member
    7 Posts

    Re: Auth_External LDAP Link to this post

    My man Roel is absolutely awesome!! He tweaked the code for me and now allows group mapping setup in the configuration, so now when a user logs in it checks the users group membership via ldap looking for a group defined in the mapping, it it finds a match it sets the new group.. We now have identity base , directory driven back-end security, as well as the ability to have identity based content delivery and accessibility..

    Very nice work Roel!!!!

    Mark-

  • lancer
    Avatar
    57 Posts

    Re: Auth_External LDAP Link to this post

    My pleasure, it was fun to do some coding again...

    Now if I can get myself to rework the unittests I can make the first 0.4 release candidate
    (the latest 0.3 works fine with SilverStripe 2.4.0 by the way)

  • Kueller
    Avatar
    Community Member
    2 Posts

    Re: Auth_External LDAP Link to this post

    Hi, I wanted to do the same thing, but haven't seen the update in the configuration yet. I have the v0.3.1 and want to update site groupmembership on login to reflect the secundary group(s) of the user in the LDAP server. Because all the users in our LDAP database have user as primary group and their roles are given by their secundary groups. Thanks in advance for a reply and the effort. It's a really great module!

  • Sullivanindy
    Avatar
    Community Member
    7 Posts

    Re: Auth_External LDAP Link to this post

    Its the latest version in the svn..

    http://svn.silverstripe.com/open/modules/auth_external/trunk

    rapid svn is a pretty easy svn client.

    http://www.rapidsvn.org/download/release/0.12/

    Make sure to read the update instructions, you have to manually Logon to the database as administrator
    alter table Member change column External_UserID External_Anchor VarChar(255);

    Mark-

  • Kueller
    Avatar
    Community Member
    2 Posts

    Re: Auth_External LDAP Link to this post

    Thanks a lot Mark!

    1420 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.