Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Auth External - Active Directory


Go to End


6 Posts   1808 Views

Avatar
Mo

Community Member, 541 Posts

3 March 2010 at 1:39pm

Hi All,

I was wondering if anyone has got this working? I am trying this using the LDAP config, following the tutorial in the docs (http://doc.silverstripe.org/doku.php?id=modules:auth_ext_ad), but I am having no luck.

The Active Directory server in question is on my work network, and I can ping the server fine. I also noticed that the ldapsearch options provided don't work for me, though it is an LDAP V3 server. I can get ldapsearch working, if I change the string quite drastically.

Any ideas? Are those docs out of date?

Cheers,

Mo

Avatar
Mo

Community Member, 541 Posts

7 March 2010 at 1:46pm

No one had any luck with this?

Avatar
jand

Community Member, 30 Posts

18 June 2010 at 7:33pm

Hi Mo, may I ask if you have an update on this? Did you get it working in the end?

Avatar
Mo

Community Member, 541 Posts

18 June 2010 at 9:03pm

Unfortunately not, using ldapsearch returns a list of users fine, but Silverstripe cant seem to authenticate against that list.

Got me stumped!

Mo

Avatar
jand

Community Member, 30 Posts

18 June 2010 at 11:00pm

:( a pity
thanks for the reply anyway

Avatar
polkowc

Community Member, 2 Posts

19 June 2010 at 1:08am

I have this working (I think I've got everythign you need to change in bold

_config.php

Authenticator::register_authenticator('ExternalAuthenticator');
Authenticator::set_default_authenticator('ExternalAuthenticator');
ExternalAuthenticator::setAuthDebug('/tmp/sstripe_debug.log');
ExternalAuthenticator::createSource('domain','LDAP','User Directory');
ExternalAuthenticator::setAnchorDesc('User ID');
ExternalAuthenticator::setAuthSSLock('domain',false);
ExternalAuthenticator::setAuthServer('domain',fqdn.of.domain.controller);
ExternalAuthenticator::setOption('domain', 'basedn', 'ou=SomeOU,dc=fabrikam,dc=com');
ExternalAuthenticator::setOption('domain', 'attribute', 'sAMAccountName');
ExternalAuthenticator::setAutoAdd('domain', 'Default Domain');
ExternalAuthenticator::setOption('domain', 'firstname_attr', 'givenName');
ExternalAuthenticator::setOption('domain', 'surname_attr', 'sn');
ExternalAuthenticator::setOption('domain', 'email_attr', 'mail');
ExternalAuthenticator::setOption('domain', 'bind_as','cn=SomeUser,ou=SomeOU,dc=fabrikam,dc=com');
ExternalAuthenticator::setOption('domain', 'bind_pw','SomePass');

domain is the short domain name