Zero One Helpdesk

[Scotmk]

Hi

I am having a lot of fun trying to sort out LDAP authentication. I think I have managed to get the program to see the server, but I get an error with the user account. The error is:

Warning: ldap_search() [function.ldap-search]: Search: No such object in D:\www\st-helpdesk\common\common.php on line 167

I am not totally sure where to llok for this one, I downloaded the ldp tool thing, and I cannot see the info.

Can anyone shed any light?.

My LDAP settings are:

ldap_host = "myserverip"
ldap_domain = "mydomain"
ldap_binddn = "administrator@mydomain"
ldap_bindpwd = "adminpassword"
ldap_rootdn = "CN=ogs,DC=mydomain,DC=internal"
ldap_searchattr = "DC=mydomain,DC=internal"
ldap_fname = "givenname"
ldap_lname = "sn"
ldap_uname = "samaccountName"
ldap_email_add = "mail"
ldap_office = "l"
ldap_phone = "telephonenumber"
ldap_context = "DC=mydomain,DC=internal"

Thanks

Scot

[Hightower]

Did you figure this? I'm having some problems setting up ldap on this.

Thanks,

[Gatt]

This is my LDAP Config..

auth_method = "AD"
ldap_host = "my_domain_controller.school.internal"
ldap_domain = "school.internal"
ldap_binddn = "administrator@school.internal"
ldap_bindpwd = "admin_password"
ldap_rootdn = "OU=school_OU,DC=school,DC=internal"
ldap_searchattr = "sAMAccountName"
ldap_fname = "givenname"
ldap_lname = "sn"
ldap_uname = "samaccountname"
ldap_email_add = "mail"
ldap_office = "physicaldeliveryofficename"
ldap_phone = "telephonenumber"
ldap_context = "sAMAccountName"

Note the highlighted section!

[Hightower]

Looks like it worked. Now I get this though:

Cannot create new user! ... This user does not have an 'Email' LDAP value or check 'LDAP Email Attribute' in the OneOrZero Task Management System Server Settings

Changed the email value to 'givenname' to test and now can log in. But why would I get this error? The email value is filled in within active directory

[Geoff]

Are you using Exchange? I don't think the AD LDAP field for your Exchange email address is the same as the 'mail' field.

[Hightower]

No - our email system is external. Another thing: Is it possible to add two locations to ldap_rootdn because otherwise the students will have access which I don't want.

I've tried OU=Location1,DC=school,DC=internal;OU=Location2,DC=school,DC=internal

but that doesn't work.

Thanks for the help

[Gatt]

I think email is a required field - you need the email field populated in the user's AD properties
As for 2 locations - i think you can by seperating them with Semi-Colons but not sure..
If Staff and Pupils are in same AD, then easiest was is to create OU's for staff and pupils then set the STAFF OU as the rootdn

[Hightower]

It's a CC3 network so we have OU's for Non-teaching, teaching, system admins and students. If I add the OU above it opens up access to the students as everyone falls under the TCS OU

I need to add the non-teaching and teaching - semi-colon didn't work.

[Hightower]

The mail part is working now - Just need to figure out how to add two OU's.

I've tried adding a group like CN=Group name,OU=Location,DC=School,DC=Internal but this didn't work either.

[elsep]

I have fully installed One Or Zero with no problems but im having some problems with LDAP, I have successfully got LDAP to work but I need a way to add multiple OUs like in Moodle. As we need to have several ou`s across domain and A sub domain.

below is a list of the OU's I have need to add how would i do it?

OU=Admin Users,DC=nsnet,DC=net
OU=S Teachers,DC=nsnet,DC=net
OU=Teachers,DC=nsnet,DC=net
OU=Students,DC=nsnet,DC=net
OU=S Teachers,DC=Juniorschool,DC=nsnet,DC=net
OU=Teachers,DC=Juniorschool,DC=nsnet,DC=net
OU=Students,DC=Juniorschool,DC=nsnet,DC=net

chris