[Xerte] login_library.php Script Modifications Regarding LDAP

Vince Byfield vince.byfield at gmail.com
Tue Mar 31 18:23:37 BST 2009


Thank you Julian and Patrick for your comments and advice.

I've decided to follow Patrick's suggestion to work within LDAP and have
created a dedicated user within the Windows active directory which only
edits content ('xerte_author') -- this Windows user account is used for
nothing else and has never been logged in or signed in to any system other
that via Xerte/LDAP. (I will have to find some LDAP administration software
that will allow me to manage LDAP/Active Directory users and groups in
conjunction with a customized Microsoft ASP/MSSQL user database--your
suggestions for the most appropriate software to accomplish this would be
appreciated).

Meanwhile, I was able to get the LDAP authentication working after
commenting out the following section of code within login_library.php:

// ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
Setting this particular option generates an error response of 1 which
according the MSDN/LDAP reference is LDAP_OPERATIONS_ERROR. Interestingly,
if I replace the line with ldap_get_option I see that the
LDAP_OPT_PROTOCOL_VERSION is already set to 3 so I commented the line out.

and later on :

//$entry = ldap_get_entries($ds, $sr);
//if(! $entry or ! $entry[0]) {
//     receive_message($username, "USER", "CRITICAL", "Login failed for " .
$username, "Login failed for " . $username);
//return false;
//}else {
{

$entry is presently returning an array of 0 elements.

Once these two sections of code are commented out I am able to log in,
create and edit templates with ease. Do you foresee any difficulties with
keeping these customizations?

Thanks :-)

Vince.


On Sat, Mar 28, 2009 at 12:02 PM, Patrick Lockley <
Patrick.Lockley at nottingham.ac.uk> wrote:
>
>
> I don't see ms sql and LDAP as alternatives to each other - but if you wish
> to use another form of authentication then you would need to modify the code
> in the login_library.php functions. It would be a matter of writing a select
> query on the password and username variables, and then seeing what it
> returns.
>
> Pat
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20090331/4e82ea22/attachment.html


More information about the Xerte mailing list