Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Auth External - Active Directory


Reply


6 Posts   1394 Views

Avatar
Mo

Community Member, 514 Posts

3 March 2010 at 1:39pm

Hi All,

I was wondering if anyone has got this working? I am trying this using the LDAP config, following the tutorial in the docs (http://doc.silverstripe.org/doku.php?id=modules:auth_ext_ad), but I am having no luck.

The Active Directory server in question is on my work network, and I can ping the server fine. I also noticed that the ldapsearch options provided don't work for me, though it is an LDAP V3 server. I can get ldapsearch working, if I change the string quite drastically.

Any ideas? Are those docs out of date?

Cheers,

Mo

Avatar
Mo

Community Member, 514 Posts

7 March 2010 at 1:46pm

No one had any luck with this?

Avatar
jand

Community Member, 30 Posts

18 June 2010 at 7:33pm

Hi Mo, may I ask if you have an update on this? Did you get it working in the end?

Avatar
Mo

Community Member, 514 Posts

18 June 2010 at 9:03pm

Unfortunately not, using ldapsearch returns a list of users fine, but Silverstripe cant seem to authenticate against that list.

Got me stumped!

Mo

Avatar
jand

Community Member, 30 Posts

18 June 2010 at 11:00pm

:( a pity
thanks for the reply anyway

Avatar
polkowc

Community Member, 2 Posts

19 June 2010 at 1:08am

I have this working (I think I've got everythign you need to change in bold

_config.php

Authenticator::register_authenticator('ExternalAuthenticator');
Authenticator::set_default_authenticator('ExternalAuthenticator');
ExternalAuthenticator::setAuthDebug('/tmp/sstripe_debug.log');
ExternalAuthenticator::createSource('domain','LDAP','User Directory');
ExternalAuthenticator::setAnchorDesc('User ID');
ExternalAuthenticator::setAuthSSLock('domain',false);
ExternalAuthenticator::setAuthServer('domain',fqdn.of.domain.controller);
ExternalAuthenticator::setOption('domain', 'basedn', 'ou=SomeOU,dc=fabrikam,dc=com');
ExternalAuthenticator::setOption('domain', 'attribute', 'sAMAccountName');
ExternalAuthenticator::setAutoAdd('domain', 'Default Domain');
ExternalAuthenticator::setOption('domain', 'firstname_attr', 'givenName');
ExternalAuthenticator::setOption('domain', 'surname_attr', 'sn');
ExternalAuthenticator::setOption('domain', 'email_attr', 'mail');
ExternalAuthenticator::setOption('domain', 'bind_as','cn=SomeUser,ou=SomeOU,dc=fabrikam,dc=com');
ExternalAuthenticator::setOption('domain', 'bind_pw','SomePass');

domain is the short domain name