Plugin works perfectly. Thanks a lot for sharing, maintaining and supporting!

My users are on OpenLDAP, so the plugin “Simple LDAP login” is configured to “Create WordPress user for authenticated LDAP login with appropriate roles.” This role is “Subscriber”. So if the user does not exist on WordPress, then create the user as a subscriber and login to the website.
If I try and use the login form for Ultimate Member, it cannot find the user. The error I get is “Sorry, we can’t find an account with that email address”. If I use the native WordPress login, rather than the Ultimate Member login form, the user is automatically created in the WordPress database and logs straight into the website.

Another thing I noticed was that if I logout my newly created user, and try and use the Ultimate Member login form again with the same newly created account, I get the error message “Password is incorrect. Please try again.” Obviously I know the password is correct as I have just used it in the native WordPress login. If I go to the users account settings in WordPress and change the password to what I know to be correct, the Ultimate Member login form will now log the user into the website.

I’m missing something (probably obvious)

The test fails with openLDAP not installed, but openLDAP and php-ldap packages are installed (centos webserver auth to 2008r2 dc)

Under requirements it just says ‘LDAP support’ ?

Note I haven’t enabled TLS yet, once it works I’ll tackle that part.

What am I missing?

https://www.ads-software.com/plugins/active-directory-integration/

I had to manually change source code to dump $results variable in $userDn = @ldap_get_dn($connection, ldap_first_entry($connection, $results)). If results has one or more items, you can get a wrong userDn if you set an incomplete baseDn in wpDirAuth Settings.

Here is my scenario:

- I have RedHat 6.5 with OpenLDAP installed and configured with a CA certificate.
- I have WordPress 4.3 and wpDirAuth 1.7.8
- In wpDirAuth settings I had
  Enable Directory Authentication = YES
  Require SSL Login = NO
  Automatically Register Authenticated Users = YES
  Enable SSL Connectivity = Use SSL (ldaps)
  Directory Servers (Domain Controllers) = ldapserver.mycompany.com:636
  Account Filter = uid
  Account Suffix = empty/blank
  BaseDn = "uid=admin,cn=users,cn=accounts,dc=mycompany,dc=com"
  Bind Password = "my admin user password"
  Confirm Password = "my admin user password"
  Authentication Groups = empty/blank
  Institution Name = "My Company"
  Marketing name for Institutional Single-Sign-On ID = empty/blank
  Login Screen Message = A nice message here
  Password Change Message = Another nice message here
  Terms of Service Agreement = NO

The only problem above was the BaseDN, which was bringing two records in results array at:

if ( ($results = @ldap_search($connection, $baseDn, $filterQuery, $returnKeys)) !== false ) {

the first record had an invalid DN containing cn=users,cn=compat,dc=mycompany,dc=com. Later, the ldap_first_entry command was picking the first item of results array, that had this incorrect userDN (cn=users,cn=compat,dc=mycompany,dc=com).

Since I cannot test connection and authentication in wpDirAuth to figure what is the correct baseDN setting, I had to include some var_dump inside the source code, which is not really nice.

After debugging it, I figured out that the correct baseDN is

BaseDN = "cn=users,cn=accounts,dc=mycompany,dc=com".

My suggestion is that you wpDirAuth developers add a test button, in order to check if BaseDN, Bind DN and Bind Password are correct.

Another suggestion is to include a field in settings form for redirecting user to a specific URL after a successful authentication.

https://www.ads-software.com/plugins/wpdirauth/

“Cannot create a user with an empty login name”

Oddly, it worked initially.

Thoughts? I’m new to wordpress from Joomla, so hopefully this is a correctable self-inflicted wound.

https://www.ads-software.com/plugins/authorizer/

AD Integration Logon Test

openLDAP not installed

Situation/questions

• Openldap is installed on the server. Services says it is running.
• Server is running IIS on server 2012
• not totally sure how the base dn should be set. I have it at cn=users,dc=domain,dc=tld
• If I use the ldap explorer tool 2, the test on the server tab says OK
• Installed openldap with the berkley engine
• netstat shows port 389 and 636 on the server as ‘listening’

I’d appreciate any thoughts

thanks

chris

https://www.ads-software.com/plugins/active-directory-integration/

Is this the correct way or can you provide insight on how this could be setup.

Thank you.

https://www.ads-software.com/plugins/active-directory-integration/

AD Integration Logon Test

openLDAP installed

[INFO]   method authenticate() called
[INFO]   ------------------------------------------
         PHP version: 5.5.9-1ubuntu4
         WP  version: 3.9.1
         ADI version: 1.1.4
         OS Info    : Linux ubuntuserver 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:31:42 UTC 2014 i686
         Web Server : apache2handler
         adLDAP ver.: 3.3.2 Extended (201104081456)
         ------------------------------------------
[NOTICE] username: mrossi
[NOTICE] password: **not shown**
[INFO]   Options for adLDAP connection:
         - account_suffix:
         - base_dn: dc=asgobbin,dc=it
         - domain_controllers: 192.168.1.10
         - ad_port: 389
         - use_tls: 0
         - network timeout: 5
[NOTICE] adLDAP object created.
[INFO]   max_login_attempts: 300
[INFO]   users failed logins: 0
[NOTICE] trying account suffix ""
[ERROR]  Authentication failed
[WARN]   storing failed login for user "mrossi"

Logon failed

https://www.ads-software.com/plugins/active-directory-integration/