Re: [phpesp-general] LDAP designers

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I think the ini file contains enough info to get you started :)
See here the relevant parts:

// Choose authentication type: { 'default', 'ldap_both', 'ldap_resp',
'ldap_des' }
// ldap_resp: respondents in LDAP, ldap_des: designers in LDAP
// ldap_both: both respondents and designers in LDAP
// default: mysql
$ESPCONFIG['auth_type'] = 'default';

// LDAP connection information
// (Set these values if you choose 'ldap' as the authentication type.)
// if a user is not found in ldap, the DB is still searched as well
// designer info is copied in the DB
$ESPCONFIG['ldap_server'] = 'ldap://ldap.example.com';
$ESPCONFIG['ldap_port'] = '389';

// if wanted/needed, enter the settings to do an authenticated ldap bind
// in order to search the ldap tree
$ESPCONFIG['ldap_bind_dn'] = '';
$ESPCONFIG['ldap_bind_password'] = '';

//the base dn you want to search
$ESPCONFIG['ldap_dn']     = 'dc=example, dc=com';

// the ldap filter used, this is completed with the uid the user enters
$ESPCONFIG['ldap_filter'] = 'uid=';

// the LDAP attribute that is compared with the "group" when completing
private // surveys
$ESPCONFIG['ldap_realm_attr'] = 'objectClass';

// the LDAP attribute/value needed to designate a LDAP user as a
designer $ESPCONFIG['ldap_designer_filter'] = 'UserCategory=engineer';

// the LDAP attribute needed to designate a LDAP user as a superuser
// we show the example of "uid=test"
$ESPCONFIG['ldap_superuser_attr'] = 'uid';

// the LDAP value needed to designate a LDAP user as a superuser
$ESPCONFIG['ldap_superuser_value'] = 'test';

// most newer LDAP servers need protocol 3 to be able to bind
successfully
// if this doesn't work for you, turn it of
$ESPCONFIG['ldap_force_proto_3'] = true;

Franky

On Mon, 26 May 2008 07:42:44 -0400
Matthew Gregg <mat...@gm...> wrote:

> I believe you need to specify an LDAP attribute that signifies
> designer accounts.  If you would like all LDAP users to be designers
> then picking an attribute like UID which all users should have, would
> accomplish it.
> 
> 
> On Mon, 2008-05-26 at 11:15 +0300, Mihails Agafonovs wrote:
> > Also, is there any other prerequisites to enable LDAP for designers,
> > other than changing configuration file (auth_type = ldap_des)?
> > 
> > For now, I'm getting an error, trying both ldap_des and ldap_both:
> > 
> > errorMessage: Referral:
> > \nldap://ForestDnsZones.mydomain.com/DC=ForestDnsZones,DC=mydomain,DC=com\nldap://DomainDnsZones.mydomain.com/DC=DomainDnsZones,DC=GDNEurope,DC=com\nldap://mydomain.com/CN=Configuration,DC=mydomain,DC=com
> > 
> > The configuration is the same as for ldap_resp, which is working
> > correctly.
> > 
> > Ar cieņu, Mihails
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by: Microsoft
> > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > _______________________________________________ phpESP-general
> > mailing list php...@li...
> > https://lists.sourceforge.net/lists/listinfo/phpesp-general