+ Post New Thread
Results 1 to 12 of 12
Network and Classroom Management Thread, Help with MRBS and LDAP in Technical; Hi there. First time poster here, but seems like a great resource.. I'm currently having trouble with the excellent Meeting ...
  1. #1

    Join Date
    Jul 2007
    Posts
    65
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    15

    Help with MRBS and LDAP

    Hi there.

    First time poster here, but seems like a great resource..

    I'm currently having trouble with the excellent Meeting Room Booking System.

    I've got it all working OK on a Windows client running XAMPP. The only problem I'm experiencing is getting LDAP authentication to work. I've got LDAP working fine with other applications, such as Ilient, but have so far been unable to get it working with MRBS.

    Here is the authentication section from my current config.inc file. Any glaring errors that anyone can notice?

    ###############################################
    # Authentication settings - read AUTHENTICATION
    ###############################################
    $auth["session"] = "php"; # How to get and keep the user ID. One of
    # "http" "php" "cookie" "ip" "host" "nt" "omni"
    # "remote_user"
    $auth["type"] = "ldap"; # How to validate the user/password. One of "none"
    # "config" "db" "db_ext" "pop3" "imap" "ldap" "nis"
    # "nw" "ext".

    # Cookie path override. If this value is set it will be used by the
    # 'php' and 'cookie' session schemes to override the default behaviour
    # of automatically determining the cookie path to use
    $cookie_path_override = '';

    # The list of administrators (can modify other peoples settings)
    $auth["admin"][] = "127.0.0.1"; # localhost IP address. Useful with IP sessions.
    $auth["admin"][] = "administrator"; # A user name from the user list. Useful
    $auth["admin"][] = "ross"; #with most other session schemes.
    $auth["admin"][] = "ictsupport";

    #$auth["admin"][] = "10.0.0.1";
    #$auth["admin"][] = "10.0.0.2";
    #$auth["admin"][] = "10.0.0.3";

    # 'auth_config' user database
    # Format: $auth["user"]["name"] = "password";
    $auth["user"]["administrator"] = "***";
    $auth["user"]["spollard"] = "***";
    $auth["user"]["schetcuti"] = "pass";
    $auth["user"]["ross"] = "pass";
    $auth["user"]["jfossey"] = "pass";
    $auth["user"]["ictsupport"] = "***";

    # 'session_http' configuration settings
    $auth["realm"] = "mrbs";

    # 'session_remote_user' configuration settings
    #$auth['remote_user']['logout_link'] = '/logout/link.html';

    # 'auth_ext' configuration settings
    $auth["prog"] = "";
    $auth["params"] = "";

    # 'auth_db_ext' configuration settings
    $auth['db_ext']['db_host'] = 'localhost';
    $auth['db_ext']['db_username'] = 'authuser';
    $auth['db_ext']['db_password'] = 'authpass';
    $auth['db_ext']['db_name'] = 'authdb';
    $auth['db_ext']['db_table'] = 'users';
    $auth['db_ext']['column_name_username'] = 'name';
    $auth['db_ext']['column_name_password'] = 'password';
    # Either 'md5', 'sha1', 'crypt' or 'plaintext'
    $auth['db_ext']['password_format'] = 'md5';

    # 'auth_ldap' configuration settings
    # Where is the LDAP server
    $ldap_host = "aps-sr-001.alexandrap.internal";
    # If you have a non-standard LDAP port, you can define it here
    #$ldap_port = 389;
    # If you want to use LDAP v3, change the following to true
    $ldap_v3 = false;
    # If you want to use TLS, change following to true
    $ldap_tls = false;
    # LDAP base distinguish name
    # See AUTHENTICATION for details of how check against multiple base dn's
    $ldap_base_dn = "ou=Establishments,dc=alexandrap,dc=internal";
    $account_suffix = "@alexandrap.internal";
    # Attribute within the base dn that contains the username
    $ldap_user_attrib = "sAMAccountName";

    # 'auth_ldap' extra configuration for ldap configuration of who can use
    # the system
    # If it's set, the $ldap_filter will be combined with the value of
    # $ldap_user_attrib like this:
    # (&($ldap_user_attrib=username)($ldap_filter))
    # After binding to check the password, this check is used to see that
    # they are a valid user of mrbs.
    $ldap_filter = "mrbsuser=y";

    # 'auth_imap' configuration settings
    # See AUTHENTICATION for details of how check against multiple servers
    # Where is the IMAP server
    $imap_host = "aps-sr-001";
    # The IMAP server port
    $imap_port = "143";

    # 'auth_pop3' configuration settings
    # See AUTHENTICATION for details of how check against multiple servers
    # Where is the POP3 server
    #$pop3_host = "pop3-server-name";
    # The POP3 server port
    #$pop3_port = "110";


    I can't see where it picks up the admin username and password to authenticate with the LDAP server.

    Any help much appreciated.

    Ta.

  2. #2

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,105
    Thank Post
    217
    Thanked 1,308 Times in 805 Posts
    Blog Entries
    4
    Rep Power
    515

    Re: Help with MRBS and LDAP

    http://edugeek.net/index.php?name=Fo...=103369#103369

    a search would have brought this up

  3. #3

    Join Date
    Jul 2007
    Posts
    65
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    15

    Re: Help with MRBS and LDAP

    Indeed it did my friend.

    I have used that and still no joy.

    Maybe I should have specified that in my original post.

  4. #4

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,105
    Thank Post
    217
    Thanked 1,308 Times in 805 Posts
    Blog Entries
    4
    Rep Power
    515

    Re: Help with MRBS and LDAP

    And you've checked your LDAP version and ports?

    You need to specify if you're running ldap V3 or on a non-standard port.

    also your FQDN has ".internal" at the end - I assume this is something you've set up as the default would of course be ".local"

  5. #5

    Join Date
    Jul 2007
    Posts
    65
    Thank Post
    5
    Thanked 2 Times in 2 Posts
    Rep Power
    15

    Re: Help with MRBS and LDAP

    Yes. Our network is set up as 'internal' rather than local. Like I said, I've set up LDAP with other applications previously with no issues (using 'internal').

    Thanks for your help mate. I'll keep plugging away.

  6. #6

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,317
    Thank Post
    681
    Thanked 1,650 Times in 1,471 Posts
    Rep Power
    425

    Re: Help with MRBS and LDAP

    .local .internal makes no difference some people advocate against using .local and really using a proper fqdn.

    Ben

  7. #7

    Join Date
    Apr 2009
    Location
    Vienna
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi!

    We are setting up a system for teachers at our old school and want to use
    MRBS as reservation system for rooms, laptops etc. As the school is a
    Windows 2003 Server network we want to authorize the users via LDAP. After
    weeks we got to work this on Joomla but it doesn't work with MRBS.

    This is the configuration of MRBS:

    // Where is the LDAP server
    $ldap_host = "ibc.ac.at";
    // If you have a non-standard LDAP port, you can define it here
    $ldap_port = 389;
    // If you do not want to use LDAP v3, change the following to false
    $ldap_v3 = true;
    // If you want to use TLS, change the following to true
    $ldap_tls = false;
    // LDAP base distinguish name
    // See AUTHENTICATION for details of how check against multiple base dn's
    $ldap_base_dn = "OU=L,OU=Benutzer,DC=ibc,DC=ac,DC=at";
    // Attribute within the base dn that contains the username
    $ldap_user_attrib = "sAMAccountName";

    When I try to login it says: Unknown User

    Configuration of Joomla:

    Here a screenshot from the settings in Joomla:

    http://www.ibc.ac.at/pic1.jpg

    When doing an authentication test in Joomla we get some warnings but login
    works.

    http://www.ibc.ac.at/pic2.jpg

    Quote Originally Posted by Domino View Post
    http://edugeek.net/index.php?name=Fo...=103369#103369

    a search would have brought this up
    This link doesn't work anymore.

    Thanks!

    Jockl

  8. #8

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,807
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Quote Originally Posted by plexer View Post
    .local .internal makes no difference some people advocate against using .local and really using a proper fqdn.

    Ben
    Not relevant to this thread, but I'm sure Google's spiders will appreciate it. The reason that you shouldn't use .local is because it's used internally by Mac OSX and it's Bonjour network location system. Bonjour might also be installed on Windows PCs with iTunes installed. So if you have these sorts of systems installed you can't use .local without breaking/confusing them.

    Back to your LDAP stuff...

  9. #9

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,807
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Oh here's my MRBS LDAP config. It works. The AD server is W2k8, but that shouldn't matter for the purposes of this example.

    Code:
    // 'auth_ldap' configuration settings
    // Where is the LDAP server
    $ldap_host = "zeus.carrhill.lancs.sch.uk";
    // If you have a non-standard LDAP port, you can define it here
    $ldap_port = 389;
    // If you do not want to use LDAP v3, change the following to false
    $ldap_v3 = true;
    // If you want to use TLS, change the following to true
    $ldap_tls = false;
    // LDAP base distinguish name
    // See AUTHENTICATION for details of how check against multiple base dn's
    $ldap_base_dn = "OU=All Users,DC=carrhill,DC=lancs,DC=sch,DC=uk";
    // Attribute within the base dn that contains the username
    $ldap_user_attrib = "sAMAccountName";
    // If you need to search the directory to find the user's DN to bind
    // with, set the following to the attribute that holds the user's
    // "username". In Microsoft AD directories this is "sAMAccountName"
    $ldap_dn_search_attrib = "sAMAccountName";
    // If you need to bind as a particular user to do the search described
    // above, specify the DN and password in the variables below
    $ldap_dn_search_dn = "CN=MRBS,OU=Service Accounts,OU=All Users,DC=carrhill,DC=lancs,DC=sch,DC=uk";
    $ldap_dn_search_password = "*********";
    I am using MRBS 1.4.1

  10. #10
    DanW's Avatar
    Join Date
    Oct 2007
    Posts
    246
    Thank Post
    35
    Thanked 12 Times in 12 Posts
    Rep Power
    19
    Geoff - is your MRBS install on a linux box?

  11. #11

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,807
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Yes it is.

  12. #12

    Join Date
    Oct 2009
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi, I am having the same problem with the authentication. My config file is in line with the one shown above.

    What could be wrong??

SHARE:
+ Post New Thread

Similar Threads

  1. MRBS - Reports
    By wesleyw in forum How do you do....it?
    Replies: 0
    Last Post: 16th October 2007, 07:41 AM
  2. MRBS help
    By niknik in forum Web Development
    Replies: 0
    Last Post: 29th August 2007, 03:00 PM
  3. MRBS Help!
    By adamf in forum Network and Classroom Management
    Replies: 1
    Last Post: 22nd April 2007, 09:48 PM
  4. MRBS
    By j17sparky in forum Web Development
    Replies: 6
    Last Post: 17th November 2006, 03:11 PM
  5. Authenticating MRBS against Active Directory using LDAP
    By Wizzer in forum Web Development
    Replies: 2
    Last Post: 26th January 2006, 04:21 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •