Forum OpenACS Development: Re: ns_ldap with bind procedure

Posted by Tom Jackson on
If you can get the updated version that would be great, and please tell us so we can update the repository. But LDAP is a relatively difficult protocol. I wrote a simple AOLserver module which didn't use the pools interface. But what exactly you mean by bind, I don't know. There are several types of binding with LDAP.

Anyway, my advice is that if you must use LDAP, get someone who is familiar with the API. It isn't an obvious interface; too much logic must be handled by the client.

Posted by Orzenil Silva Junior on
Tom,

I'm trying to use ns_ldap to enable AOLserver to connect to the LDAP server. In my setup I'm using the OpenACS auth-ldap package to create an authority to authenticate users using the LDAP authentication mechanism.

I downloaded the nsldap module from the AOLserver SourceForge repository, but when I try to authenticate in my OpenACS system against LDAP, the following message is logged by AOLserver:

-----
Error: auth::authenticate: error invoking authentication driver for authority_id = xxxx: ns_ldap: Unknown command "bind": should be bouncepool, connected, disconnect, gethandle, host, password, poolname, releasehandle, or user
---

This post https://openacs.org/forums/message-view?message_id=277179 says that, based on my setup, I need a patched version of the nsldap AOLserver module with bind command support.

This quick howto here https://openacs.org/forums/message-view?message_id=937445
points to the same link above to download the patched version.

Posted by Orzenil Silva Junior on
OK, authentication with LDAP is working now using nsldap from AOLserver CVS.

Just set the BindAuthenticationP parameter from //yourhost/acs-admin/auth/authority-parameters?authority_id=XXX to empty (instead of 1, as described in the howto https://openacs.org/forums/message-view?message_id=937445).

With this setup, ns_ldap tries to retrieve the password from LDAP (attribute: userPassword) and compares it against the password provided by the user in the LDAP OpenACS authority.
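
What the retrieve-and-compare mode described in the last post involves on the client side, as an added example that is not part of the thread and not code from auth-ldap or nsldap. It assumes the directory stores userPassword as an OpenLDAP-style `{SSHA}` or `{SHA}` value or as cleartext; the function names and sample values are hypothetical.

```python
import base64
import hashlib
import hmac


def make_ssha(password: str, salt: bytes) -> str:
    """Build a {SSHA} userPassword value (used here only for constructed sample data)."""
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_user_password(stored: str, supplied: str) -> bool:
    """Compare a userPassword value read from the directory with the supplied password."""
    if not stored or not supplied:
        return False  # an empty value on either side never authenticates
    candidate = supplied.encode("utf-8")
    scheme, sep, body = stored.partition("}")
    if not sep or not scheme.startswith("{"):
        # No {SCHEME} prefix: the directory holds the password in cleartext.
        return hmac.compare_digest(stored.encode("utf-8"), candidate)
    scheme = scheme[1:].upper()
    try:
        raw = base64.b64decode(body, validate=True)
    except ValueError:
        return False  # malformed base64: fail closed
    if scheme == "SSHA" and len(raw) > 20:
        # Salted SHA-1: 20-byte digest followed by the salt.
        digest, salt = raw[:20], raw[20:]
        expected = hashlib.sha1(candidate + salt).digest()
    elif scheme == "SHA" and len(raw) == 20:
        digest = raw
        expected = hashlib.sha1(candidate).digest()
    else:
        return False  # unknown scheme or wrong length: fail closed
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    sample = make_ssha("correct horse", b"\x01\x02\x03\x04")  # constructed value
    print(check_user_password(sample, "correct horse"))
    print(check_user_password(sample, "wrong guess"))
```

This mode only works if the account the web server connects with can read userPassword, so that account's credentials and the LDAP connection carry every user's stored password value; with bind authentication the directory server performs the check and the attribute does not have to be readable.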