🌍
English
Announcement
- [2024-04-17] Piwigo 14.4.0
- [2024-04-01] Piwigo in Hobbit runes
- [2024-03-01] Piwigo 14.3.0
- [2024-01-30] Piwigo 14.2.0
- [2023-12-29] Piwigo 14.1.0
#1 2014-02-17 15:21:29
- Media
- Member
- 2014-02-17
- 5
LDAP_Login
Hello/Hi/Greetings,
We are a company with offices spread all over the world. Until know, everybody stored pictures on our fileserver. At this moment we have 2TB of pictures and it is almost impossible to search through our archive.
1 week ago, I found the Piwigo software. I am trying to setup a demo version and most things are working, however I'm struggeling with the ldap_login plugin. I fill in all information on the LDAP configuration page and when I do an LDAP_Login Test, I Always get the error Error :Invalid credentials test ldap://....
We are using a Windows 2008 server as domain controller.
Anybody who has some tips to solve this issue?
Thanks!
Piwigo version: 2.6.1
PHP version: 5.3.10-1ubuntu3.9
MySQL version: 5.5.35-0ubuntu0.12.04.2
Piwigo URL: not published on the internet
Offline
#2 2014-02-17 16:25:11
- 22decembre
- Member
- 1970-01-01
- 4
Re: LDAP_Login
Hello !
First, when you fill the plugin config form, you must save before you test ! Ok ? This is maybe something I have to improve, but it's quite hard !
The plugin must read its config from the config file before it test, so you have to save first !
Secondly, if you need credentials to do the search (for exemple, you need to enter the ldap with cn=admin,dn=ldap...), you need to feel this credentials in the ldap way (but only there of course).
The plugin just try to bind the ldap server, so check your ldap logs whether, when you try, the bind is, or not, successfull (ldap should give you the actual error or OK codes).
Either it goes right or wrong when you test, you should have the complete sentence that is passed to the ldap server, in red or green. So that you may see there if it lacks something !
Thanks for testing.
Please, try to write everything on a sheet of paper, so that after, you can give me a good feedback and I can improve or explain better the way the plugin works !
Offline
#3 2014-02-18 08:27:24
- Media
- Member
- 2014-02-17
- 5
Re: LDAP_Login
Hello,
After I fill in the plugin configuration form or after I made changes to it, I always press the save button first. Then I test the connection.
I checked the error.log under the apache2 folder, and I found this error message:
Undefined constant LDAP_LOGIN_PATH - Assumed 'LDAP_LOGIN_PATH' in /var/www/plugins/Ldap_Login/maintain.inc.php on line 39, referer: http:// ....
So it looks like the variable is empty? Is assume this variable should contain data that is entered via the plugin configuration form ?
On the plugin form, I use these settings:
LDAP server host = internal IP address of the LDAP server
LDAP port = 389
Base DN = ou=companyname,dc=domain,dc=ourSuffix
Attribute corresponding to the user name = uid
Bind DN = cn=gast,ou=specialusers,ou=dept,ou=companyname,dc=domain,dc=ourSuffix
Bind Password = password of the gast user
Then I press save and then I fill in my username and password to test the settings.
Normally we logon with the username format: domain\username but when I enter my username in this format, I see that the script changes it to domain\\username.
When I try the format "username" then I get the error :Invalid credentials test ldap:
Another remark: under the OU=companyname, we have several other OU's (one for each office)
Under each OU office, we have an OU called, computer and one called users
So the users to be found are located under "sub" OU's under the OU=companyname.
Does the script search also under all "sub" OU's ?
Thx for the help
Offline
#4 2014-02-18 13:57:34
- 22decembre
- Member
- 1970-01-01
- 4
Re: LDAP_Login
So, first, it seems you do well the process !
This missing variable, it's not your job to fill it, but I seems (again) to have a mistake in my code, which I, so, should fix soon !
I think also I should wake up a function in my code which is currently commented, which is the search function. Your configuration, with several OU inside one another is a config I didn't expect, but seems more frequent, so I have to use this function. This is maybe one of the reason you are facing such problem.
I don't know how you should log but I think first I should fix your config problem.
Thanks for bug reporting. May I ask you to contact me in private ( mail or jabber : stephane at 22decembre dot eu ) so that we can discuss of your config and bug together. I would like also to know if you are using openldap, active dir or another server please. Thanks in advance.
At the end, I may publish a new release ( 1.2 ) and so, other persons shouldn't be afraid not to have the solution because we are solving it private. I solve it private but publish the solution after. Thanks for who is in that case.
Offline
#5 2014-02-18 14:18:07
- Media
- Member
- 2014-02-17
- 5
Re: LDAP_Login
Hello,
I will contact you so we can discuss our setup. We are using Active directory (windows 2008 servers).
Daevy
Offline
#6 2014-09-16 12:28:30
- karo
- Guest
Re: LDAP_Login
Hello,
first, thanks for the plugin.
I have login problems but I will read first the log files.
The reason why I write, that in my opinion it is a security hole inside the
script. It writes the data to data.dat which is readable by the web-server.
So if somebody enters directly the url to that file he get's the login-data to the
ldap server.
Why the adminstrator login is needed? The form asked for this data.
Or do I misunderstand something.
Thanks
Kasrsten
#7 2014-09-16 14:43:56
- flop25
- Piwigo Team
- 2006-07-06
- 7037
Re: LDAP_Login
can't you put an htaccess deny from all ?
To get a better help : Politeness like Hello-A link-Your past actions precisely described
Check my extensions : more than 30 available
who I am and what I do : http://fr.gravatar.com/flop25
My gallery : an illustration of how to integrate Piwigo in your website
Offline
#8 2014-10-03 03:45:20
- Linux4ever
- Guest
Re: LDAP_Login
I am also having error. Did you fix the multiple OU under OU?