LDAP Authentication in fengoffice

[varunb]

 Hi,

I am new to use Feng office. I have successfully installed Feng office on my desktop as i am using open-SUSE 12.1.
I need help to configure LDAP , so that all the LDAP users can login in.

Actually i downloaded the zip file from ://downloads.sourceforge.net/project/opengoo/fengoffice/fengoffice_1.7.4/fengoffice_1.7.4.zip

and configured on my SUSE desktop and the version which i am using is feng_community 1.7.4.
The only thing which is remaining is to configure LDAP Authentication.
Please tell me the details how to configure it.

Thanks.

[mmccarn]

Look in <FENG ROOT>/config - you should find 'ldap.config.example.php'.

Copy this file to 'ldap.config.php'.

Edit the copy to contain appropriate values for your LDAP directory.

Once configured, you will still need to pre-create users in feng.

So, for my Active Directory network, my settings look like this:

Code: [Select]

<?php

  /**
  * ldap.config.example.php is sample configuration file for ldap authentication.
  * Rename it in ldap.config.php and change the values acconrding to your env.
  *
  * @author Luca Corbo <luca.corbo@2bopen.org>
  */

  // The configuration array:
  $config_ldap = array (
      'binddn'    => 'CN=LDAP-Bind-User,OU=myorg.org,DC=myorg,DC=org,DC=local',
      'bindpw'    => 'password-for-bind-user',
      'basedn'    => 'OU=Users,OU=myorg.org,DC=myorg,DC=org,DC=local',
      'host'      => 'localhost:3893',
      'uid'       => 'sAMAccountName' //Change in according with your settings to match the userid entry
  );
  return true;

?>
* My user accounts are contained in the Organizational Unit 'myorg.org'
* the user account 'LDAP-Bind-User' has full read rights to my AD
* In my case, I am tunneling traffic from port 3893 to my actual AD controller's port 389 using ssh (hence the odd 'host' setting).
* with 'uid' set to 'sAMAccountName', I need to pre-create user accounts in Feng that match the network user names that users enter when logging in to their windows workstations.  Feng then finds these users in LDAP and authenticates them if the correct password is entered.

[varunb]

yes

i have configured config/ldap.config.php file in order to login in. I edited the file and tried to login in.

Only one ldap user(Eg: varun) is able to login in, same username and password which i use to login in ldap server.
In log files i am able to see logs of for the user(varun) if i try to login with the wrong password but not for the other ldap users.

Code: [Select]

varun:/srv/www/htdocs/feng # tail -f cache/log.php

Session "default" started at 2011-11-30T11:14:52+0000
#1 ERROR: Error: ldap_bind(): Unable to bind to server: Invalid credentials in '/srv/www/htdocs/feng/library/PEAR/Net/LDAP2.php' on line 357 (error code: 2)
Time since start: 0.18639707565308 seconds


But other users who are there in ldap are not able to login in at all also i am not getting any error messages.



and one thing i din not understand about your comment
>>>Edit the copy to contain appropriate values for your LDAP directory.
>>>Once configured, you will still need to pre-create users in feng.

i have configured ldap settings in conf file.
but what is that Once configured, you will still need to pre-create users in feng.
what dou mean by pre-create users, do i have to manually create or add users login in as varun user account.