[Xerte-dev] Successful install of XoT 1.7 + AD authentication at Lowestoft but .....

[Thomas Rochford]

Good Evening Everyone,

 

I spent all day at the College, because there were a number of new issues
encountered so I thought it worth documenting

 

1)      They wanted to run it under Server 2008 R2 with XAMPP to provide
management. XAMPP 1.7.7. (and 1.8.0 by the look of it) will not run properly
under this operating system because of problems with the compiler versions
used. This prevents Apache running. The MS Workaround suggested is to
download an older version of the distributable C++ support libraries but
they were reluctant to do this as the server, although brand new at present,
was intended to host a large number of Apps within the Institution, so this
ruled out both Apache and XAMPP

2)      We then thought to try it under IIS but there were some issues with
the Microsoft distribution of PHP 5.3.*

3)      In the meantime they had run up a virtual W7 server so we used this
with XAMPP using the older version - xampp-win32-1.7.3. There were some
minor issues with misconfigured paths for the PEAR extensions but that did
not seem to stop things working.

4)      I made the changes to login_library.php described in my earlier
posting but there were still some problems as follows

(a)    The 'Top Level OU' was configured in AD as college.ac.uk this would
not work at all so we configured a bind DN without an OU, but three DC
entries, viz.: DC=college, DC=ac, DC=uk.

(b)   Although we were now able to bind, the lack of an OU meant that
searches were failing so we configured three base DNs for three separate
servers with DCs set to the user areas for Staff, Students and special
cases. This then worked satisfactorily. I created the 'multiple' LDAP hosts
by inserting extra rows in the LDAP table manually.

 

It's clear that there is unlikely to be any general uniformity in the
structure of AD's or the naming conventions used. The College is considering
inserting a new top Level OU - e.g. AuthUsers - but as the present
installation seems to be working smoothly - at least from the server point
of view, I do not think this to be a high priority.

 

Again this makes the case, to my mind, for keeping as much as possible in
the MySQL tables which seem to be reasonably flexible and can probably
handle a range of cases more easily than could be done within the
installation/management code itself. 

 

I will try to follow this up with a rather more detailed posting of the
final working filters and DNs, so this really just needs to act as a holder
and a marker for future development, as I notice that Dave (?) has done
quite a lot with the new OO Login scripts for XoT 1.8. They are going to try
installing this alongside the XoT 1.7 install with a separate Database.

 

Kindest regards, Thomas

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20120528/228e4bc1/attachment.html>