Hi,
Thought I'd work on configuring LDAP, which was going well until I was interupted and needed to login again later to take up where I left off.
I can't login???
I get the following error. I'm using v.3.6.2.
Fatal error: Call to undefined function: ldap_connect() in /home/websites/uniting/fudge/ldap/ldap.inc on line 99
I'm happy for the moment to give up on LDAP, but I need to turn LDAP off so I can login again authenticating to the Matrix user database. How is my question?
Thanks for your help.
Rob
Your installation of PHP doesn't have LDAP support. Depending on your distribution, you could just install php-ldap, or you may need to recompile. If that doesn't work, there are ways to manually remove assets via the database, but they're intricate.
[quote]Your installation of PHP doesn’t have LDAP support. Depending on your distribution, you could just install php-ldap, or you may need to recompile. If that doesn’t work, there are ways to manually remove assets via the database, but they’re intricate.
[right][post=“8072”]<{POST_SNAPBACK}>[/post][/right][/quote]
Thanks Avi, I’ll have a go at installing PHP-LDAP.
Thanks for your reply, especially over the Christmas period. Hope you have a good Christmas/New Year.
Alright, I've tried to no avail unfortunately… Reinstalling PHP-LDAP or PHP entirely doesn't work.
Considering this was a Squiz managed installation of Matrix, for a corporate environment. i.e. we are one of your clients, I expected that LDAP support would have been installed/configured at the PHP level anyway…
That said, Matrix is still dead, meaning that we're unable to login, unlike MySource Classic which seemed to be more forgiving with LDAP setup, and we need to this up and running again.
Avi or Greg, could you please detail for me the steps needed to stop LDAP from being the primary authentication means. You mentioned these steps in your last post.
Many thanks.
Forget removing assets from the DB. The easiest way to stop LDAP from authenticating is to just hack up the code.
Edit the file: /path/to/matrix/packages/ldap/authentication_ldap/authentication_ldap.inc
You'll find a function very near the top called authenticateUser(). The first few lines look like this:
function &authenticateUser($username, $password)
{
$user = null;
$bridges = $GLOBALS['SQ_SYSTEM']->am->getChildren($this->id, 'ldap_bridge', true);
...Change that to look like this (one line added):
function &authenticateUser($username, $password)
{
$user = null;
return $user;
$bridges = $GLOBALS['SQ_SYSTEM']->am->getChildren($this->id, 'ldap_bridge', true);
...</pre><br />
Now LDAP authentication will always fail and fall back to the next authentication system in the list (the default one in your case) without trying to connect.
I don't have an install handy to test this on, so let me know how it goes.
[quote]Avi or Greg, could you please detail for me the steps needed to stop LDAP from being the primary authentication means. You mentioned these steps in your last post.
[right][post=“8089”]<{POST_SNAPBACK}>[/post][/right][/quote]
If you have an SLA, please also contact our Support Department so that one of our support guys can sort out your LDAP issues.
Excellent! Worked a treat. Thanks Greg.
Avi: I'll raise the LDAP issue with our Project Manager AngelaB.
Thanks again for your help over the holiday period.
I also have an LDAP problem where the bridge appears to be setup correctly but when attempting to login users aren't recognised. Strangely it is working in a test installation we have of Matrix.
Details, Attribute setup (as recommended by Squiz), LDAP User Setup, Permissions are identical in both the test and production installations. Both LDAP bridges are live. Both are displaying the directory tree in both the asset map and on the right side of the screen the same.
Even if a user has no permissions granted test still recognises the user (but doesn't give access) and production doesn't.
I have contacted support but if someone has any ideas on what it might be I could get it up and running sooner - hopefully before Monday afternoon 
Interesting. I can't imagine what's preventing this from happening in production. Is the LDAP Authentication asset in the same position on both systems? If not, try resorting those to adjust the priority of authentication to see if that makes a difference.
[quote]Interesting. I can’t imagine what’s preventing this from happening in production. Is the LDAP Authentication asset in the same position on both systems? If not, try resorting those to adjust the priority of authentication to see if that makes a difference.
[right][post=“8136”]<{POST_SNAPBACK}>[/post][/right][/quote]
Both located under Authentication Systems > LDAP Authentication.
I can imagine it is something equally as small and seemingly trivial though…
[quote]I can imagine it is something equally as small and seemingly trivial though…
[right][post=“8137”]<{POST_SNAPBACK}>[/post][/right][/quote]
What I mean is, is the order of “LDAP Authentication” and “Default Authentication” the same under “Authentication Systems” in both systems? The order the assets appear determines the priority for authentication: The highest one is tried first, and then failed over to the second. Essentially, I’m trying to determine any differences between the two systems.
Sorry yes - default authentication and LDAP authentication are in the same order in both the text and production installations.
Well, that's got me stumped. Greg will have to take a look into this on Monday.
I've got no idea what this is. If your two setups are running the same Matrix code and have exactly the same LDAP configuration, the problem is not something I'm going to be able to figure out for you.
All I would do is re-check that everything really is the same, but it sounds like you've done that already.
Checked, double-checked etc.
Added a new LDAP bridge, ensuring it was positioned above the non-functional one, and all is working :wacko:
So… not sure what the problem is considering they have identical settings and are referencing the same ldap_bridge.inc - am just pleased it is working
Feeling nervous about deleting the problematic bridge though.