LDAP login for Geeklog 1.3.9

This is a hack of the normal users.php. This file will replace your default users.php, therefore I recommend that the original users.php is renamed to something else. The original can be used as a backup to get back into Geeklog if things go wrong.

Quick install guide
Step 1: Download LDAPusers.zip from here.
Step 2: Rename users.php to something else.
Step 3: Extract LDAPusers.zip in the directory above public_html.
Step 4: Move public_html/layout/Blackboard/users/ldaploginform.thtml into your own theme's (layout's) directory.

The way I did things was to move my old users.php to a new name, users_def.php. Remember, at this point you should already have two users in Geeklog, admin and moderator. They are however, not in LDAP. I then used my new LDAP users.php to login as a known LDAP user. This created a Geeklog user for me. I then used users_def.php to log in, in the old way and give the new LDAP user root rights.

Short explanation of what the code does:

There are three files: LDAPconfig.php, users.php, ldaploginform.thtml.

I know very little about LDAP, but I have managed to get the code working. Basically, when the user logs into Geeklog, his username and password is checked against LDAP. If he authenticates, it is checked whether he exists in Geeklog. If not, he is added as a user, using the email from an LDAP search and then he is logged in. If he already exists, he is just logged in. I have done this so that a user can still maintain his Geeklog preferences and additional account information. Later on this code can be amended to get a lot more information from the LDAP Server. However, this would probably depend very much on the organisation's LDAP server and the information available.

If the user changes his password, it will be changed back to the LDAP password the next time he logs in. This I have done, just because I didn't want to fiddle with the 'Account Information' code. The best would probably be to totally remove the option to change password. I have removed the functions for requesting a new password, because, obviously, this has to be done by whoever maintains the LDAP database, which in our case is not me. The server and context information is configured in a config file that is included at the top of the script. The name of the config file is LDAPconfig.php and it should be places in the same directory as config.php.

Last Updated Thursday, July 16 2009 @ 10:15 PM BST|470 Hits