Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

User role management with LDAP Groups #5

Closed
wants to merge 1 commit into from
Closed

User role management with LDAP Groups #5

wants to merge 1 commit into from

Conversation

alchris
Copy link

@alchris alchris commented Dec 30, 2013

Hi,

I extended your code to fit the plugin to our needs.

I added the following features:

User's roles can be managed by OpenLDAP: The user's roles are allocated to LDAP Groups. If a user is member of a group, he obtains the matching role. The groups to roles allocation can be configured in the wordpress admin interface. If the user is not in an allocated group, a default role is used.

LDAP filter syntax is used to search for user dn and group dn. This makes the plugin much more flexible to different LDAP configurations. The filter can be configured in the admin interface.

After every login, the user details can be synchronized to the LDAP entries. This feature can be activated or deactivated in the wp admin interface.

In the default configuration, my code should behave like your default configuration.

It would be nice if you could merge some or even all of this features into your default code. So it would be much more easy for me to update the plugin.

Kind regards,
Christian

Added the following features:

User's roles can be managed by OpenLDAP:
The user's roles are allocated to LDAP Groups.
If a user is member of a group, he obtains the
matching role. The groups to roles allocation
can be configured in the wordpress admin interface.
If the user is not in an allocated group, a
default role is used.

LDAP filter syntax is used to search for user
dn and group dn. This makes the plugin much
more flexible to different LDAP configurations.
The filter can be configured in the admin interface.

After every login, the user details can be synchronized
to the LDAP entries. This feature can be activated
or deactivated in the wp admin interface.
@koocotte
Copy link

koocotte commented Apr 3, 2015

I think your modifications in ldap_auth() require that you can search your directory with anonymous bind.

@clifgriffin
Copy link
Owner

I love the idea here, but I think it's a bit too much to merge into the current code base. Please feel free to port to the new code base and resubmit for review.

Note: I really want to keep the plugin using the entered username / password from he login form for any binds rather than requiring a separate bind username / password.

@georgemsaad georgemsaad mentioned this pull request Aug 9, 2016
@wixaw
Copy link

wixaw commented May 5, 2017

Hi,
Is it intended to set up the non-anonymous connection?

@clifgriffin
Copy link
Owner

@Willouuu SLL uses the logging in customer's account to perform any read operations, so a separate authenticating account is not required. Does that answer your question?

@wixaw
Copy link

wixaw commented May 10, 2017

Hi @clifgriffin , no because my OpenLDAP ACL deny some attributes and group management no work.
I had to modify line 386 : $ldapbind = @ldap_bind($this->ldap, 'cn=userspe,ou=special,dc=domain,dc=fr', 'passwd');
Now I could not update this plugins without modifying this line every time

@craigtommola craigtommola mentioned this pull request Dec 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants