I can't get LDAP to work

Treikayan
Posts: 5
Joined: 06 Jan 2009, 16:19

Post by Treikayan »

Hello,

I am having a hard time getting LDAP to work with our Mantis. One problem involves users being in different OUs. For instance, we have "OU=Administrators,OU=USA,DC=domain,DC=local" and we also have users here in "OU=Users,OU=USA,DC=domain,DC=local." How do I set up $g_ldap_bind_dn in the "config_inc.php" file? Here are my settings for "config_inc.php."

        # --- LDAP Settings
        $g_login_method = LDAP;
        $g_ldap_server = "ldap://clehbdc01.broadvox.local:389/";

        $g_ldap_root_dn = "dc=broadvox,dc=local";
        $g_allow_signup = OFF;
        $g_use_ldap_email = OFF;
        $g_lost_password_feature = OFF;
        $g_ldap_bind_dn = "ou=Users,ou=USA,dc=broadvox,dc=local";
        $g_ldap_uid_field = "sAMAccountName";
        $g_ldap_port = 389;
        $g_ldap_bind_passwd = '';

How would I also modify the "core/ldap_api.php" file as well? Before we implemented the LDAP settings, we had two users in the system who could log on. After the LDAP settings took effect, those same two users were able to log in, but I tried adding other users to the system. None of those users could log on via LDAP. Here are my "core/ldap_api.php" settings:

        function ldap_authenticate( $p_user_id, $p_password ) {
                # Refuse blank passwords before attempting a bind
                if ( is_blank( $p_password ) ) {
                        return false;
                }

                $t_ldap_host = config_get( 'ldap_server' );
                $t_ldap_port = config_get( 'ldap_port' );
                $t_ldap_rdn = config_get( 'ldap_root_dn' );
                $t_ldap_bnd = config_get( 'ldap_bind_dn' );
                $t_ds = ldap_connect( $t_ldap_host, $t_ldap_port ) or die( 'Unable to connect to LDAP server<br />' );

                $t_user = user_get_field( $p_user_id, 'realname' ); // This checks the user's Real Name instead of username
                $t_uname = user_get_field( $p_user_id, 'username' );
#               $binddn = "CN=$t_user ($t_uname),$t_ldap_rdn";
                # The user's DN is built from the Real Name plus the single OU in ldap_bind_dn
                $binddn = "CN=$t_user,$t_ldap_bnd";

                $t_authenticated = false;
                if ( @ldap_bind( $t_ds, $binddn, $p_password ) ) {
                        $t_authenticated = true;
                }
                return $t_authenticated;
        }

Whenever a user tries to log in they see, "Your account may be disabled or blocked or the username/password you entered is incorrect."
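
For users spread across several OUs, the usual alternative to building the DN from one fixed OU is search-then-bind. The sketch below is an added example, not part of the original post and not MantisBT's own code. It assumes a read-only service account (the DN and the `EXAMPLE_LDAP_SVC_PASSWORD` variable are hypothetical placeholders), a server that supports StartTLS, and PHP 5.6 or later for `ldap_escape`.

```php
<?php
// Added example, not MantisBT code. The function name, the service-account DN
// and the environment variable are hypothetical placeholders.
function example_ldap_search_then_bind(string $username, string $password): bool
{
    // A simple bind with an empty password is treated as an unauthenticated
    // bind and can "succeed" on many servers, so refuse it up front.
    if ($username === '' || $password === '') {
        return false;
    }

    $server   = 'ldap://clehbdc01.broadvox.local:389/'; // server from the post
    $base_dn  = 'dc=broadvox,dc=local';                  // common root of all OUs
    $svc_dn   = 'CN=svc-placeholder,OU=Users,OU=USA,DC=broadvox,DC=local';
    $svc_pass = getenv('EXAMPLE_LDAP_SVC_PASSWORD');

    $ds = ldap_connect($server);
    if ($ds === false) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); // needed for AD root searches

    $ok = false;
    // Plain ldap:// on port 389 would carry both passwords in clear text,
    // so upgrade with StartTLS and fail closed if that is not possible.
    if (@ldap_start_tls($ds)
        && is_string($svc_pass) && $svc_pass !== ''
        && @ldap_bind($ds, $svc_dn, $svc_pass)) {
        // Escape the user-supplied name so it cannot alter the search filter.
        $filter = '(sAMAccountName='
                . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ')';
        $result = @ldap_search($ds, $base_dn, $filter, ['sAMAccountName']);
        $entries = $result ? ldap_get_entries($ds, $result) : false;
        // Exactly one match is required; its DN carries the real OU path.
        if ($entries !== false && $entries['count'] === 1) {
            $ok = @ldap_bind($ds, $entries[0]['dn'], $password);
        }
    }
    ldap_unbind($ds);
    return $ok;
}
```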