Joomla Templates Club 406,261 posts

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#175245

Hi,

I have install JA Nex template with Joomla 2.5.3. I use this template like an intranet with an LDAP authentification. My LDAP parameters are good because when I enter my login and password all is ok and I’m redirect to the intranet homepage.

But I have a problem. Sometimes when I try to login on my intranet, I always redirect to the page login and not to the intranet hoemapge (my login and password are good). Another times when I try to login, I have an error message with this : “LDAP Failure, unable to bind the LDAP server”.

What I didn’t understand is why sometimes I can connect to my intranet and sometimes I can’t. I suspect there is a problem with the cache can be. Sometimes again when I try to connect, I have another message who is : “Identifiant de sécurité invalide” (in french). I think it’s mean “Invalid security ID”.

I take this opportunity to ask you a question. What should I set in the template configuration for an intranet at the “Enable Development Mode” and “Cache Mode” because I feel that this is when I turn enable developpement mode to no and cache mode to yes I have these problems. But it’s still a chance.

Can you help me please because I’m really beginning to despair.

[Blaine Friend BlaineJoin date: August 2007Posts: 1443Downloads:0Uploads:25 Thanks: 98 Thanked: 177 times in 154 posts]

#444904

This sometimes occurs when PHP scripts have been updated. To resolve this try replacing the IP address with the hostname and see if this fixes you issue.

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#444905

I replace the IP adress with the hostname on the plugin LDAP ?

[Blaine Friend BlaineJoin date: August 2007Posts: 1443Downloads:0Uploads:25 Thanks: 98 Thanked: 177 times in 154 posts]

#444906

Do you have access to the ldap.conf file?

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#444907

I have all the access on my joomla website wtih phpmyadmin, but I haven’t access to the LDAP of our office. Where I change this IP to the hostname ?

For your information I use Uwamp (http://www.uwamp.com). This is the same like wampserver

[Blaine Friend BlaineJoin date: August 2007Posts: 1443Downloads:0Uploads:25 Thanks: 98 Thanked: 177 times in 154 posts]

#444923

See if this page helps you or contact your system admin to see if they can effect changes you need.
It’s for 1.5 but maybe 2.5 is similar?

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#444927

On my joomla website I have on the plugin folder a file ldap.php. Here below the source code. Is inside this file I change the ip adress to the hostname. Where I can change this value please ?

[PHP]<?php
/**
* @copyright Copyright (C) 2005 – 2012 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/

// No direct access
defined(‘_JEXEC’) or die;

/**
* LDAP Authentication Plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.ldap
* @since 1.5
*/

class plgAuthenticationLdap extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @access public
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object $response Authentication response object
* @return object boolean
* @since 1.5
*/
function onUserAuthenticate($credentials, $options, &$response)
{
// Initialise variables.
$userdetails = null;
$success = 0;
$userdetails = array();

// For JLog
$response->type = ‘LDAP’;
// LDAP does not like Blank passwords (tries to Anon Bind which is bad)
if (empty($credentials[‘password’]))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_(‘JGLOBAL_AUTH_PASS_BLANK’);
return false;
}

// load plugin params info
$ldap_email = $this->params->get(‘ldap_email’);
$ldap_fullname = $this->params->get(‘ldap_fullname’);
$ldap_uid = $this->params->get(‘ldap_uid’);
$auth_method = $this->params->get(‘auth_method’);

jimport(‘joomla.client.ldap’);
$ldap = new JLDAP($this->params);

if (!$ldap->connect())
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_(‘JGLOBAL_AUTH_NO_CONNECT’);
return;
}

switch($auth_method)
{
case ‘search’:
{
// Bind using Connect Username/password
// Force anon bind to mitigate misconfiguration like [#7119]
if (strlen($this->params->get(‘username’)))
{
$bindtest = $ldap->bind();
}
else
{
$bindtest = $ldap->anonymous_bind();
}

if ($bindtest)
{
// Search for users DN
$binddata = $ldap->simple_search(str_replace(“”, $credentials[‘username’], $this->params->get(‘search_string’)));
if (isset($binddata[0]) && isset($binddata[0][‘dn’])) {
// Verify Users Credentials
$success = $ldap->bind($binddata[0][‘dn’], $credentials[‘password’], 1);
// Get users details
$userdetails = $binddata;
} else {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_(‘JGLOBAL_AUTH_USER_NOT_FOUND’);
}
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_(‘JGLOBAL_AUTH_NO_BIND’);
}
} break;

case ‘bind’:
{
// We just accept the result here
$success = $ldap->bind($credentials[‘username’], $credentials[‘password’]);
if ($success) {
$userdetails = $ldap->simple_search(str_replace(“”, $credentials[‘username’], $this->params->get(‘search_string’)));
} else {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_(‘JGLOBAL_AUTH_BIND_FAILED’);
}
} break;
}

if (!$success)
{
$response->status = JAuthentication::STATUS_FAILURE;
if (!strlen($response->error_message)) $response->error_message = JText::_(‘JGLOBAL_AUTH_INCORRECT’);
}
else
{
// Grab some details from LDAP and return them
if (isset($userdetails[0][$ldap_uid][0])) {
$response->username = $userdetails[0][$ldap_uid][0];
}

if (isset($userdetails[0][$ldap_email][0])) {
$response->email = $userdetails[0][$ldap_email][0];
}

if (isset($userdetails[0][$ldap_fullname][0])) {
$response->fullname = $userdetails[0][$ldap_fullname][0];
} else {
$response->fullname = $credentials[‘username’];
}

// Were good – So say so.
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = ”;
}

$ldap->close();
}
}
[/PHP]

[Blaine Friend BlaineJoin date: August 2007Posts: 1443Downloads:0Uploads:25 Thanks: 98 Thanked: 177 times in 154 posts]

#445038

This really is not JA so I am hesitant to advise further. please see if this post gives you some direction.

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#445085

Hi Blaine,

I have test the ldap configuration you have send for me on the latest thread but it doesn’t work. I can’t connect to my intranet with this configuration. When I enter the configuration I have before all is ok and I can connect to my intranet with my login and password.

I think it’s not a problem of my ldap plugin configuration beacause this config work perfectly for me and others users. The problem is sometimes we have a error message when we try to login. This message is : LDAP Failure : undable to bind ldap server.

I have try different test to found where is the problem. I have change the system cache on template, I have disabled all the cache on all teh website but all this things have change nothing.

For example this morning, I have a user who open the intranet website and try to login. After that, he had the error message ldap failure, unable to bind the ldap server. On the same minute, the same user have closed his firefox navigator and open it a new time and enter his login and password, then he have access to the intranet homepage. His connection was successfull.

Any help will be appreciated please to find why sometimes users can connect to the intranet and sometimes no

[Blaine Friend BlaineJoin date: August 2007Posts: 1443Downloads:0Uploads:25 Thanks: 98 Thanked: 177 times in 154 posts]

#445114

The password is case sensitive, could this be pure user error?

[Manos Moderator ManosJoin date: February 2014Posts: 2806Downloads:46Uploads:56 Thanks: 200 Thanked: 633 times in 576 posts]

#445254

Also the error might be related to an intranet firewall or something like that.
From the error itself someone can only tell that the ldap server denies the connection (maybe there’s a connection limit also)
I think that only the system admin of your intranet can provide you with sufficient answers on this case, but definitely it’s not a JA nor Joomla issue since both have been on intranets for years now and very successful.

[abdenour Friend abdenourJoin date: March 2009Posts: 84Downloads:0Uploads:6 Thanks: 11 Thanked: 2 times in 1 posts]

#445317

I have uninstall the plugin Joomla LDAP and replace it by JMapMyLDAP. I will see this next days if this new plugin work correctly.
Thanks for your answer.

[Author]

Posts