after running EFA (Version EFA-3.0.2.2) since some months i wanted to go a step further and authenticate the Website against my Server 2016 ADDS.
Followed the given guides at viewtopic.php?f=14&t=1484 and https://raw.githubusercontent.com/E-F-A ... LEASENOTES.
Here the modifications i made:
conf.php
Code: Select all
// LDAP settings for authentication
define('USE_LDAP', true);
define('LDAP_SSL', false);
define('LDAP_HOST', '192.168.1.30');
define('LDAP_PORT', '389');
define('LDAP_DN', 'DC=my-real-domain,DC=eu');
define('LDAP_USER', 'cn=ldap,cn=users,dc=my-real-domain,dc=eu');
define('LDAP_PASS', 'Super-secure-Password');
define('LDAP_SITE', 'Default-First-Site-Name');
define('LDAP_FILTER', 'sAMAccountName=%s');
define('LDAP_PROTOCOL_VERSION', 3);
define('LDAP_EMAIL_FIELD', 'mail');
define('LDAP_USERNAME_FIELD', 'userprincipalname');
define('LDAP_MS_AD_COMPATIBILITY', true);
Code: Select all
function ldap_authenticate($username, $password)
{
$username = ldap_escape(strtolower($username), '', LDAP_ESCAPE_DN);
if ($username !== '' && $password !== '') {
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); // as found in release notes
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // as found in release notes
$ds = ldap_connect(LDAP_HOST, LDAP_PORT) or die(__('ldpaauth103') . ' ' . LDAP_HOST);
.30 = adds
.38 = efa
Code: Select all
4 0.000470 192.168.1.38 192.168.1.30 LDAP 124 bindRequest(1) "cn=ldap,cn=users,dc=my-real-domain,dc=eu" simple
5 0.002222 192.168.1.30 192.168.1.38 LDAP 88 bindResponse(1) success
7 0.002339 192.168.1.38 192.168.1.30 LDAP 150 searchRequest(2) "DC=my-real-domain,DC=eu" wholeSubtree
17 0.014419 192.168.1.30 192.168.1.38 LDAP 880 searchResEntry(2) "CN=my.adlogin,OU=users,DC=my-real-domain,DC=eu"
18 0.015271 192.168.1.38 192.168.1.30 LDAP 124 bindRequest(3) "my.adlogin@my-real-domain.eu" simple
19 0.017125 192.168.1.30 192.168.1.38 LDAP 88 bindResponse(3) success
20 0.017615 192.168.1.38 192.168.1.30 LDAP 73 unbindRequest(4)
Greetings
Chriss