Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
1.6k views
in Plugins by
Could really use some help getting the LDAP plugin working.

Please help.

Thanks,

2 Answers

+1 vote
by
edited by

I got it working on a local set up.  It turned out that my biggest issue was figuring out my proper LDAP login and the LDAP search strings.  I had to get the search string information from our IT department.  Once I told it the correct login, it worked well.  

 

My ldap-config.php looks something like:

 

<?php
 
// original  $ldap_search_strings = array( 'uid=USERNAME,ou=lala,ou=www,dc=example,dc=com', 'uid=USERNAME,ou=lala2,ou=www,dc=example,dc=com' );
$ldap_search_strings = array('CN=USERNAME,OU=Users,OU=Department1,OU=CompanyName,DC=intranet,DC=CompanyName,DC=com',
'CN=USERNAME,OU=Users,OU=Department12,OU=CompanyName,DC=intranet,DC=CompanyName,DC=com');
 
$ldap_hostname = 'ldap://SERVER_IP'; // use ldap:// for non ssl encrypted servers
$ldap_port = 389; // use 389 for non ssl encrypted servers
?>

 

by
One issue that we ran into was that Question2Answer limits the user logins (called handles) to 20 characters.  We had people with LDAP IDs more than 20 characters.  I am still working on figuring out how to handle that.  In the meantime, I re-enabled the user registration so that people with long LDAP handles can still use the system.
by
Thanks very much mbentley!  I really appreciate the response.  Its been hard to get it working.  I'll play around with LDAP and see if I can get mine working.
by
Also with the first part of the config, you leave the search_strings alone, correct?
by
No, the search_strings define your company LDAP.  For example, the one that I entered above will only work if you are logging in at "example.com".. You have to change this to work with your company settings.
0 votes
by
WARNING: The current LDAP settup only works with LDAP logins under 20 characters (including spaces).  When I set this up, I found that my account worked, but we had a lot of staff with longer LDAP logins.

At this point, I haven't had the time to track down how to enable longer logins, so I re-enabled the register button.
...