Re: ajaXplorer and slx-ldap

Sun, 06 May 2012 09:50:56 -0700 

Hi,
and thank you Mike, now it works. Below summarized the settings, if some one is interest in using ajaXplorer: 


Put the following as entry into the array $PLUGINS in 
<ajaXplorerdir>/conf/bootstrap_plugins.php:


...
"AUTH_DRIVER" => array(
        "NAME" => "ldap",
        "OPTIONS" => array(
            "LDAP_URL" => 'ldaps://ldap',

            "LDAP_USER" => 
'cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no',

            'LDAP_PASSWORD' => '<tjenerPasswort>',
            "LDAP_DN" => 'ou=People,dc=skole,dc=skolelinux,dc=no',
            "LOGIN_REDIRECT" => false,
            "AUTOCREATE_AJXPUSER" => true,
            "TRANSMIT_CLEAR_PASS" => true,
            "LDAP_FILTER" => "objectClass=posixAccount",
            "LDAP_USERATTR" => 'uid'
        )
  ),
...


All in all you see "TRANSMIT_CLEAR_PASS" => true. If you set it to 
false, it doesn't work. I don't no why, but the corresponding code is




if($this->getOption("TRANSMIT_CLEAR_PASS") === true){ // Seed = -1 means 
that password is not encoded.

                return ($userStoredPass == md5($pass));
            }else{
                return (md5($userStoredPass.$seed) == $pass);
            }


Someone an idea?

Martin



Am 05.05.2012 19:34, schrieb Mike Gabriel:

Hi Martin,


not sure about the settings for lenny (have never installed a lenny 
tjener)... But from what I have seen in the old Debian Edu lenny code...


On Fr 04 Mai 2012 19:28:42 CEST Martin Schulte wrote:


Hi,


i'm trying to setup ajaXplorer ( http://ajaxplorer.info/ ) on a 
(still) lenny based skolelinux server. ajaXplorer comes with an ldap 
plugin. To get an ldap authentication i've to set this variables ( 
description is here: http://ajaxplorer.info/plugins/auth/ldap/#tabs-2 )


        "LDAP_URL" => 'ldaps://10.0.2.2',

        "LDAP_USER" => 
'cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no',


cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no (?)


        'LDAP_PASSWORD' => 'mySecretPassword',


<tjener's-root-password>


        "LDAP_DN" => 'ou=People,dc=skole,dc=skolelinux,dc=no',
        "LOGIN_REDIRECT" => false,
        "AUTOCREATE_AJXPUSER" => false,


you might want auto creation to be enabled...


        "TRANSMIT_CLEAR_PASS" => true,


really???


        "LDAP_FILTER" => "objectClass=uid"


This is definitely wrong. It has to be ,,objectClass=posixAccount''*


        "LDAP_USERATTR" => 'samaccountname'



This smells like Adtive Directory stuff... not appropriate for Debian 
Edu / OpenLDAP. Use ,,uid'' as LDAP_USERATTR instead.


Greets,
Mike




--
To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4fa6a9e6.8010...@web.de























					Reply via email to