Support » Plugin: authLdap » Elementary question about LDAP URI

  • Apologies for the rudimentary nature of the question but i don’t understand why a uid is required in the LDAP URI settings field. I had thought the authLDAP plugin would simply try and authenticate with the username supplied at the wp-login prompt against the LDAP directory server. In this case the uid would be dynamic.

    Alternatively if the uid field here is really specifying the admin user of the LDAP directory itself i still don’t follow as i don’t want the authLDAP plugin to modify anything on the LDAP directory.

    Many Thanks

    David

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author heiglandreas

    (@heiglandreas)

    Hey David.

    You can use authLdap to authenticate using f.e. an Email-Address (that is done via the filter). So the user types in the Email-Address at the login prompt. But WordPress would like to have a username (that is not the email-address as that’s a separate field). So the uid-field is used to map the (via Email-Address authenticated) user to the WordPress username.

    Was that understandable?? 😉 If not don’t hesitate to say so!

    Hi Heiglandreas,

    Many thanks for the swift response ! Right, well as we don’t use Email-Address based WordPress accounts i guess i am still wondering what, in our case, should directly follow uid= in the LDAP URI field within the General Server Settings section.

    Many Thanks Again

    David

    Hi Heiglandreas,

    I may have misunderstood but was your reply perhaps pertaining to the uid= in the Filter section ? My question was regarding the LDAP URI field that is higher up in the “General Server Settings” section.

    The example given is: ldap://uid=adminuser,dc=example,c=com:secret@ldap.example.com dc=basePath,dc=example,c=com

    I thought that the AuthLDAP plugin would simply take the username and password that the wordpress user had entered at the wp-admin login prompt and see if the same credentials successfully authenticated via the LDAP directory.

    So i still can’t see what i should replace the “adminuser” with in the example given above. Surely the user being authenticated should dynamically depend on the username entered in the wordpress login box ?

    Many Thanks

    David

    Plugin Author heiglandreas

    (@heiglandreas)

    SOrry for my missunderstanding and being quiet for so long.

    To be able to authenticate a user using any possible (unique) attribute from the LDAp against the LDAP we need to search for the user first. Some LDAP-Servers though need an authorized account to do so. That is always the same account and should only be used for that purpose. And that account can be given here in the LDAP-URI. It‘s usually something that you get from the admins of your LDAP. When you can use a so called „anonymous bind“ (no user needs to authenticate) you leave them out of the URI so that it then read something like „ldap://ldap.example.com/dc=searchBase“.

    Does that help you?

    Cheers

    Andreas

    Hi Andreas,

    Thanks for your help clearing that up ! It is still not working but i need to have a look in greater detail in conjunction with the documentation and start a new post if needed.

    Thanks once again

    David

    Plugin Author heiglandreas

    (@heiglandreas)

    Hey David.

    Feel free to send me your configuration and the problems via email to authldap AT heigl DOT org. I might be able to help you on the actual problem 😉

    Cheers

    Andreas

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Elementary question about LDAP URI’ is closed to new replies.