NeDi Community

NeDi Software Specific => Installation => Topic started by: big on August 06, 2015, 05:00:59 PM

Title: LDAP - AD Authentication
Post by: big on August 06, 2015, 05:00:59 PM
Hi Folks

good morning

is there any documentation available on how to setup LDAP authentication for NeDi?
I am only looking to do user authentication not authorization via ldap
perhaps an example nedi.conf with comments about what is needed.

I want to query a Microsoft Domain Controller for the user.

any help appreciated.
Title: Re: LDAP - AD Authentication
Post by: Kasper on August 07, 2015, 07:26:38 AM
If you already have a NPS installed you should be able to use that with radius authentication for NeDi.

Have not set it up myself but that should be a working option.
Title: Re: LDAP - AD Authentication
Post by: rickli on August 07, 2015, 02:14:27 PM
BTW, I've just refactored the index.php and cleaned up local, SSO, radius and LDAP authentication for NeDi 1.5. LDAP needs some testing, but everything else works fine now...
Title: Re: LDAP - AD Authentication
Post by: big on August 10, 2015, 08:31:27 PM
thanks

when we go to 1.5 I'll give the LDAP / AD another try
Title: Re: LDAP - AD Authentication
Post by: big on August 12, 2015, 09:04:02 PM
Hi
I found what I think is a typeo in the inc/libldap.php file

the below is the modified function.... I now get network activity so I can try the next few steps on the LDAP server

more as we go


-------------------------------------------



function user_from_ldap_servers($login, $password = '', $import = true){
 
        global $ldapsrv, $user_dn, $fields; 
        global $dbhost,$dbuser,$dbpass,$dbname;
     
        // search if user exist in local user DB
                $link   = DbConnect($dbhost,$dbuser,$dbpass,$dbname);
                $query  = GenQuery('users','s','*','','',array(usrname'),array('='),array($login) ); // this line be array(usrname) NOT array(user) ??
                $res    = DbQuery($query,$link);
Title: Re: LDAP - AD Authentication
Post by: rickli on August 13, 2015, 10:37:40 AM
This lib was a contribution and I can't test ldap here. I've change this DB field and missed this one, tx.
Title: Re: LDAP - AD Authentication
Post by: big on August 13, 2015, 03:47:17 PM


thanks
Glad you could confirm it.......

onward for me to test getting it to work with LDAP....
nedi is such a nice tool, glad to help with it

Title: Re: LDAP - AD Authentication
Post by: Kasper on May 18, 2016, 03:17:52 PM
Hi

When making the changes you have suggested in the libldap.php code I get the following error in apache log:
Code: [Select]
[Wed May 18 14:38:21.903712 2016] [:error] [pid 4877] [client 10.1.70.28:10775] PHP Fatal error:  Call to undefined function GenQuery() in /var/nedi/html/inc/libldap.php on line 20, referer: https://nedi/index.php?goto=User-Profile.php
I can't find the function GenQuery() in the file.

Running NeDi 1.6
Title: Re: LDAP - AD Authentication
Post by: harry on October 13, 2016, 11:56:05 PM
HI All,
Could any one post(or page me) their working AD authentication string and any thing we require to do with config ?
I have tried this... in nedi.conf (not working for me)

guiauth            ldap

ldapsrv      ldap://172.18.133.67    389   Pas$$word!   OU=staff,OU=ICT,OU=staff,DC=xyz,DC=department,DC=win   CN=account nameS,OU=Service Accounts,DC=xyz,DC=department,DC=win  Servicesaccount   sAMAccountName

it will be very helpful if someone can share thier working AD Auth environment.