Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Finchwizard on September 29, 2003, 09:48:56 AM
-
Ok,
I have installed MoreGroupware a couple of times and it's a good groupware package. I really like it.
But I want it to Authenticate of the users that are already on my E-Smith Server. Instead of adding them all manually.
I know Twiggi you can do this, which is a good Groupware package, just a RPM and that's it installed, which is really really nicely done.
But the Interface isn't as polished as MoreGroupware etc....plus we need the forums in Moregroupware.
Can ppl let me know if they've done this, and maybe a how to or even a RPM if you've already done it,
Thanks
Finchwizard
-
id guess when u set it up u use ldap ?
-
I don't remember seeing that..........
I only ever got the option to use SQL.
Hmm, will try it again now though.
-
Ok, I've installed Moregroupware again, and when I got to LDAP settings, I kind of got stuck.
It asks for a few things, can ppl tell me what they are.
LDAP Host: --Which is 'localhost'
LDAP Base: --No idea
LDAP userid: -- Is this the root or admin username?
LDAP Password: --Whatever the above is.
LDAP Suffix: -- No idea what this is either
So I need to know what the default values for these are...... I think the base was the domain split up into 'dc=blah, dc=com'
So the domain is 'www.blah.com'
Kind of thing?? IS that right does anyone know....
And people that have installed 'Moregroupware' I want it so Webmail is automatically configured as well......is that based on the proper LDAP settings?
-
Finchwizard wrote:
>
> Ok, I've installed Moregroupware again, and when I got to
> LDAP settings, I kind of got stuck.
If you are a subscriber to the devinfo mailing list, you'll have got my email mentioning that this won't work on an out-of-the-box SME.
It boils down to the fact that the LDAP directory on SME can't be used for authentication - it doesn't have password information in it.
I managed to work out what the "correct" settings were for that LDAP screen, and through some poking around, found out that even with everything correct, it still wasn't working.
So, I see three choices :
1.- Use the SQL authentication (re-create all the accounts, manage them seperately)
2.- Use NTLM/htacccess authentication, try and get it working with PAM to authenticate against the linux /etc/passwd (or shadow) and then use the index_ntlm.php instead of index.php to login.
3.- Write a replacement for the LDAP authentication method that will use the IMAP server to authenticate.
I'm looking into 2 and 3.
G
-
If you are looking for a way to use IMAP to authenticate, I am using a program with this feature. It currently authenticates against my 5.6U5 e-smith box.
Check out Moodle at www.moodle.org.
-
To the guys response about it not working with LDAP, I haven't changed any LDAP stuff. I told it some settings, and it worked....Authenticates fine.....no problems.
But now I have the problem, they can log into more groupware, but they will have to setup their Email account themselves, and most ppl here aren't smart enough to do that.
I just want the email to be created automatcially whenever they log in.
I did try the NTLM, and it didn't work.
-
Finchwizard wrote:
> To the guys response about it not working with LDAP, I
> haven't changed any LDAP stuff. I told it some settings, and
> it worked....Authenticates fine.....no problems.
What settings did you give it??
G
-
You just say that the LDAP server is on the local host.
Give it the root username/password that it asks for.
Their is another thing there, about Base or something?
You have to input your domain Say your domain is "http://www.luckychicken.net"
You have to put it in as "dc=luckychicken, dc=net"
I think I actually just put it in as luckychicken.net anyway, and it still worked, I'm using 6.0b3 for this btw.
It will tell you what the settings are under the "Directory" Link under the server manager.
Just input them into Moregroupware setup.
And you can authenticate, the only problem I'm having is that moregroupware won't setup the email accounts when they person first logs in, which I REALLLY need, if anyone out there knows what to do.
-
Finchwizard wrote:
> Just input them into Moregroupware setup.
> And you can authenticate, the only problem I'm having is that
Wow... is this a difference between 5.6 and 6.0b3 I wonder? Does anyone have any insight into that (Charlie, I wish you might comment on this?).
> moregroupware won't setup the email accounts when they person
> first logs in, which I REALLLY need, if anyone out there
> knows what to do.
I'll have a look - when I did my last install, it was a bit buggered - the whole webmail2 module was totally busted (wrong DB setup).
G
-
Finchwizard wrote:
> To the guys response about it not working with LDAP, I
> haven't changed any LDAP stuff. I told it some settings, and
> it worked....Authenticates fine.....no problems.
I don't believe that it is authenticating using LDAP. The LDAP database does not contain passwords. Nothing puts them in there, and the directory is not configured to hold them anyway. It's not possible to authenticate against LDAP if it contains no password information.
Charlie
-
Well, I chose LDAP when I was install MoreGroupware.
And it gave me the option to add the account into MoreGroupware when I installed it that way.
I tested it with users that were only added on the SME Server, and I tried to log in as a user that does not exist. Just to see if it let me, and it didn't.
So It's definately authenticating from somewhere. So either your mistaken about it authenticating of LDAP.
Or Moregroupware has don't something tricky when using LDAP.
Who Knows, All I know is that it works, and it was exactly what I wanted.
I just need it to configure the email settings when the account is created.
Unless someone else has done this, then please tell me how!
-
Finchwizard wrote:
> I tested it with users that were only added on the SME
> Server, and I tried to log in as a user that does not exist.
> Just to see if it let me, and it didn't.
>
> So It's definately authenticating from somewhere. So either
> your mistaken about it authenticating of LDAP.
Do me a favour - try logging in as an existing SME user, and not one that you have logged into moregroupware as before - BUT! supply a password that you know is incorrect. I suspect the "authentication" that is happening is merely a check to say that the user exists in LDAP, not that the password is correct.
G
-
That's what I said before.
I tried entering a user that wasn't there, and one that was there, but with wrong password.
And it worked.
Who knows hows why it's happening, all I know is that its doing exactly what I want.
Apart from the emails! :)
-
Finchwizard wrote:
> I tried entering a user that wasn't there, and one that was
> there, but with wrong password.
>
> And it worked.
I missed understanding that one... what does "it worked" mean here?
Can you tell me what happens to these two actions?
Action 1: login as a new, never logged into moregroupware before, SME user - giving the WRONG password. What happens?
Result A : moregroupware allows login with wrong password.
Result B : moregroupware disallows login, reports "wrong password"
Action 2: login as an SME user that has already been used to login to moregroupware, giving the WRONG password. What happens?
Result A : moregroupware allows login with wrong password.
Result B : moregroupware disallows login, reports "wrong password"
Cheers,
G
-
Right.
Action 1: Gives Result B
Action 2: Gives Result B
That's what I was trying to say before. Sorry if I was un-clear.
Finchwizard
I'd rather get the email section worked out though :D, like I've been saying.