Novell NDS LDAP Authentication for CACTI
Moderators: Developers, Moderators
-
Techniplex
- Posts: 2
- Joined: Wed Nov 23, 2005 3:54 pm
Novell NDS LDAP Authentication for CACTI
I have re-written the AUTH_LOGIN.PHP to utilize Novell's eDirectory LDAP. It may still work with active directory but I have not tried it. It works with 0.8.6c and higher. Please test and enjoy.
- Attachments
-
- auth_login.zip
- Novell eDirectory LDAP Module
- (2.56 KiB) Downloaded 647 times
-
rony
- Developer/Forum Admin
- Posts: 6022
- Joined: Mon Nov 17, 2003 6:35 pm
- Location: Michigan, USA
- Contact:
FYI....
If you would use the properly formatted "LDAP DN" in "Settings -> Authenication -> LDAP Settings" your would not have to modify the code.
I did look at your patch and the properly formatted DN for your environment is:
The above will work for you, because all that cacti is worried about is that you can bind to the LDAP directory with that DN and password combination.
The code you have added is kinda redundent, in that you are binding with the username and password then searching for the DN.
If you would like to see a great example of LDAP code for better authenication, check out the SVN code in the TRUNK section. This is the 0.9.0 developement branch where I have added a lot of features, including the one you have implemented here.
Any questions, ask away, I even invite you to email me.
If you would use the properly formatted "LDAP DN" in "Settings -> Authenication -> LDAP Settings" your would not have to modify the code.
I did look at your patch and the properly formatted DN for your environment is:
Code: Select all
cn=<username>The code you have added is kinda redundent, in that you are binding with the username and password then searching for the DN.
If you would like to see a great example of LDAP code for better authenication, check out the SVN code in the TRUNK section. This is the 0.9.0 developement branch where I have added a lot of features, including the one you have implemented here.
Any questions, ask away, I even invite you to email me.
[size=117][i][b]Tony Roman[/b][/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
-
Techniplex
- Posts: 2
- Joined: Wed Nov 23, 2005 3:54 pm
NDS Auth
The problem I was getting around was that we do not allow guests/anonymous to browse/bind to the LDAP tree. I also thought that this implementation wanted user@context (AD implementation) instead of o=xxxxx,cn=yyyy I performed a bind using the user/pass which proved that the the user/pass combination was valid.
-
rony
- Developer/Forum Admin
- Posts: 6022
- Joined: Mon Nov 17, 2003 6:35 pm
- Location: Michigan, USA
- Contact:
Yah,
Well, that's where the LDAP DN comes in. You can setup a DN in cacti, like:
and "<username>" will be replaced with the username that was used at the login page.
Then if it can bind, it it considered good.
I know and understand why you did this. But it's kinda redundant, in that you are already binding with that user to search for the DN. Cacti doesn't care other that it can bind, it doesn't use anymore information from the LDAP.
Well, that's where the LDAP DN comes in. You can setup a DN in cacti, like:
Code: Select all
o=xxxx,cn=<username>Then if it can bind, it it considered good.
I know and understand why you did this. But it's kinda redundant, in that you are already binding with that user to search for the DN. Cacti doesn't care other that it can bind, it doesn't use anymore information from the LDAP.
[size=117][i][b]Tony Roman[/b][/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
Re: Novell NDS LDAP Authentication for CACTI
Just wanted to share that I got the LDAP authentication to work with Novell.
First tip: any change you do on the configuration will only be active when you close the browser you are using to test the login page.
2nd tip: look at the information needed on the image.
Hope this is helpful
d
First tip: any change you do on the configuration will only be active when you close the browser you are using to test the login page.
2nd tip: look at the information needed on the image.
Hope this is helpful
d
- Attachments
-
- ldapNovell.jpg (302.44 KiB) Viewed 3106 times
Who is online
Users browsing this forum: No registered users and 2 guests