Cacti (home)ForumsRepositoryDocumentation
Cacti: offical forums and support  

 FAQFAQ   SearchSearch   MemberlistMemberlist    RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in    


Novell NDS LDAP Authentication for CACTI

 
Post new topic   Reply to topic    Cacti Forum Index -> Addons for Cacti
Author Message
Techniplex



Joined: 23 Nov 2005
Posts: 2
PostPosted: Wed Nov 23, 2005 4:02 pm    Post subject: Novell NDS LDAP Authentication for CACTI Reply with quote
I have re-written the AUTH_LOGIN.PHP to utilize Novell's eDirectory LDAP. It may still work with active directory but I have not tried it. It works with 0.8.6c and higher. Please test and enjoy.

auth_login.zip
 Description:
Novell eDirectory LDAP Module

Download
 Filename:  auth_login.zip
 Filesize:  2.56 KB
 Downloaded:  240 Time(s)
Back to top
rony
Developer/Forum Admin


Joined: 17 Nov 2003
Posts: 5469
Location: Wisconsin, USA
PostPosted: Wed Nov 23, 2005 5:08 pm    Post subject: Reply with quote
FYI....

If you would use the properly formatted "LDAP DN" in "Settings -> Authenication -> LDAP Settings" your would not have to modify the code.

I did look at your patch and the properly formatted DN for your environment is:

Code:
cn=<username>


The above will work for you, because all that cacti is worried about is that you can bind to the LDAP directory with that DN and password combination.

The code you have added is kinda redundent, in that you are binding with the username and password then searching for the DN.

If you would like to see a great example of LDAP code for better authenication, check out the SVN code in the TRUNK section. This is the 0.9.0 developement branch where I have added a lot of features, including the one you have implemented here.

Any questions, ask away, I even invite you to email me.
Back to top
Techniplex



Joined: 23 Nov 2005
Posts: 2
PostPosted: Wed Nov 23, 2005 5:33 pm    Post subject: NDS Auth Reply with quote
The problem I was getting around was that we do not allow guests/anonymous to browse/bind to the LDAP tree. I also thought that this implementation wanted user@context (AD implementation) instead of o=xxxxx,cn=yyyy I performed a bind using the user/pass which proved that the the user/pass combination was valid.
Back to top
rony
Developer/Forum Admin


Joined: 17 Nov 2003
Posts: 5469
Location: Wisconsin, USA
PostPosted: Wed Nov 23, 2005 6:03 pm    Post subject: Reply with quote
Yah,

Well, that's where the LDAP DN comes in. You can setup a DN in cacti, like:
Code:
o=xxxx,cn=<username>

and "<username>" will be replaced with the username that was used at the login page.

Then if it can bind, it it considered good.

I know and understand why you did this. But it's kinda redundant, in that you are already binding with that user to search for the DN. Cacti doesn't care other that it can bind, it doesn't use anymore information from the LDAP.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Cacti Forum Index -> Addons for Cacti All times are GMT - 5 Hours
Page 1 of 1

 



Powered by phpBB © 2001, 2005 phpBB Group