Simple LDAP Login 1.2 Wordpress Plugin

Simple LDAP Login 1.2 WordPress Plugin

10.28.08Posted by clifgriffin in Uncategorized84 CommentsTags: active directory, adLDAP, ldap, Simple LDAP Login, wordpress

This page contains information about an older version of Simple LDAP Login. While this version is stable and I encourage you to use it if you would like to, please note that the current version is being discussed and supported here.

If you have used this plugin (successfully or unsuccessfully), please leave me some feedback below. Doing so will help me help others who may be experiencing problems I am not aware of! Alternatively, you can e-mail me at webmaster[at]clifgriffin.com.

Official WordPress Link

Simple LDAP Login 1.2.0.1 for WordPress 2.7.1

Having a single login for every service is a must in large organizations. This plugin is a very simple. It authenticates your wordpress username against LDAP using the same username. It does this by redefining the wp_authenticate function and adding a simple hook to adLDAP. The logic goes like this:

If wordpress login fails, try adLDAP.
If adLDAP succeeds, login.
Else, fail.

Your WordPress usernames MUST be the same as your LDAP usernames for this to work!

Background

In times past, our organization used a custom hack of wp-login.php that allowed us to implement adLDAP. This was not an upgrade proof solution. In the recent round of upgrades, I tried several purported LDAP plugins. Some of them didn’t work at all. Some of them worked but didn’t provide the exact functionality I desired.

Version History

Version 1.2.0.1

Fixed security issue. Now only administrators can access admin pages.

Version 1.2

Implemented multiple domain controllers.
Changed field sizes on admin page to be more user friendly.

Version 1.1

Moved settings to administration pages under settings.
Upgraded to latest version of adLDAP 2.1.
Got rid of credentials. (They are not neccessary for the authenticate function in adLDAP!)
Plugin is now upgrade proof. Settings are stored using WordPress’s setting functions.

Version 1.0

Original release.

Installation (new instructions 1.1+)

Upload the directory “simple-ldap-login” to the `/wp-content/plugins/` directory
Activate the plugin through the ‘Plugins’ menu in WordPress
Immediately update the settings to those that best match your environment by going to Settings -> Simple LDAP Login
If you don’t get the settings right the first time…don’t fret! Just use your wordpress credentials…they will always work!

Change the settings under Settings -> Simple LDAP Login

Installation (old instructions)

Upload the directory “simple-ldap-login” to the `/wp-content/plugins/` directory
Customize settings by modifying adLDAP.php in /plugins/simple-ldap-login/
Activate the plugin through the ‘Plugins’ menu in WordPress

Note: You may wish to create a backup of adLDAP.php once you’re done. Automatic plugin updates might overwrite this file and make upgrades more difficult.

Frequently Asked Questions

~~Will you be moving the settings to the admin panel?~~ Version 1.1 accomplished this.
At some point. These settings are not frequently changed however and a competent system administrator should not have any issues with configuration.
~~I noticed you’re using adLDAP 1.4. Why?~~ Version 1.1 upgraded adLDAP to 2.1
This is the version my organization was using previously and it was very easy to simply copy over. It should work fine. If there are issues with this version that affect you, let me know and I’ll investigate.
It’s not working, what am I doing wrong?
- Make sure PHP is compiled with LDAP. If it is, running phpinfo should reveal a section entitled LDAP and it should indicate that it is enabled.
- Make absolutely sure your setttings are right and that your server can talk to your domain controller.
- Make sure your wordpress user accounts are the same as the LDAP user accounts you wish to use. This plugin does not bypass wordpress user accounts…just wordpress user account passwords!
It’s still not working? How can I get help?
There are two ways. You can post a comment below or you can e-mail me: webmaster[at]clifgriffin.com. I will respond as soon as I can.
Can feature x be added
Probably! E-mail me: webmaster[at]clifgriffin.com

Download it now…
Simple LDAP Login 1.2.0.1 for WordPress 2.7.1

You can leave a response, or trackback from your own site.

Merlyn

Hi!

It would be nice to see the plugin in action before installing in my blog.

Have a nice day,
–
.: Merlyn :.
http://clifgriffin.com clifgriffin

Unfortunately I have no way to demonstrate it. To do so would require an active directory server and blog visible to the world. I don’t have such a setup.

However, I can assure you that the logic is dead simple. The worst possible scenario is that logins continue to function as they currently do now. The function I use tries wordpress first and only adLDAP if it fails on this first step.

I hate authentication plugins that risk locking you out of your own blog so I did not implement it in that way.

Please let me know if there is anything I can do to assist you.
Pingback: Clifton Griffin | Simple LDAP Login Updated to Version 1.1 |
TutorialVine

Hi and thanks. I did not use your script as it was not directly what I needed, but it did point me in the right direction, and I just wanted to say thanks

It helped me realize how I could integrate the WP user system into my own system, especially also how I could use it to automatically transfer the old users to the new system!
http://clifgriffin.com clifgriffin

As noted above, Darren and I resolved this issue via e-mail. His WordPress user accounts were not using the same usernames as his LDAP accounts.

I did not properly document this and have added clarifying information to the readme/documentation.
David

Hi there, I enabled the plugin and now I can’t login even with my admin account. Do you know how to disable the plugin without logging in?
http://clifgriffin.com clifgriffin

@David,
That’s very strange. I’ve never heard of that happening. The code is written in such a way that it should never even attempt to look at LDAP if your wordpress credentials are able to log you in.

To disable the plugin, temporarily rename the folder the plugin is in (simple-ldap-login) to something else (like simple-ldap-login2) and then try to login again. It should disable the plugin.

Let me know if you have any issues.
http://www.montopolis.com babul

Clif -

Brilliant! Works like a champ on my two recently updated WordPress 2.7 sites. I was up in a running in less than 2 minutes.

Your (simple) login logic is what was sorely missing in the previous plugin I was using.

Is it possible to specify more than one domain controller? The ability to specify 2 or 3 would really help ensure that LDAP is given every opportunity to authenticate before going to the built-in WP credentials.

Thank you for your efforts on this plugin!!

http://clifgriffin.com clifgriffin

Babul,
Thank you for the kind feedback. My goal in the plugin design was that I wanted it to be as effortless as possible.

The multiple domain controller question is a good one. It’s been on my to-do list. adLDAP supports this natively, I just didn’t implement it in the settings interface. I wanted to make sure it worked as it was first before adding additional layers of complication.

That said, I have a very simple way to implement this which I will work on this afternoon and hopefully push out an update by the end of the day.

In the meantime, if anyone can tell me why my comments are out of order on this page, I’d love them forever.

Clif

simo

having problems with multiple domain name controllers

http://clifgriffin.com clifgriffin

As promised, I have updated the plugin with the requested feature. Thanks for the suggestion.

http://hazmanaziz.com Hazman Aziz

Hi Clif,

Do i still need to install adLDAP into my server?

I also could not locate if my php is LDAP enable under this url: http://127.0.0.1/home/phpinfo.php. Possible for you to print screen for me.

I am trying to use your plugin for my university library.

Regards,
Hazman Aziz

http://clifgriffin.com clifgriffin

Simple LDAP Login includes a copy of adLDAP, so there is nothing to install.

It is important to make sure PHP was compiled with LDAP. If you do not see a section called “LDAP” on your phpinfo() page, that may be indication it is not installed.

Installing it will vary depending on your OS. I recommend using an RPM or update manager to ensure you’ve done it correctly.

Let me know if you have any issues.

http://www.bram.us/ Bramus!

Hi Cliff,

very nice work. Works like a charm!

However, I’ve edited the line where you add the option to the wp-admin (line #20 of Simple-LDAP-Login.php): Instead of allowing user level 1, I’ve bumped it up to 10.

By this only admins can change the LDAP settings, which adds an extra level of protection (By this contributors and editors can’t edit the settings, as they have no business with this plugin nor its settings).

I think this is worth of pushing back into your code, as it’s an added security imo.

Regards,
Bramus!

http://clifgriffin.com clifgriffin

Excellent observation.

Most of my installations have multiple admins so I never noticed this issue. I will include this change in a micro-version update shortly.

Whittet

This change looks like something we still need.

http://clifgriffin.com clifgriffin

Good point. I completely forgot.

http://clifgriffin.com clifgriffin

Fixed! Thanks for your feedback.

David

Hi clifgriffin, you say the wordpress usernames have to match the LDAP usernames. Does this mean I have to create usernames for these people. The reason I ask is we have 3000 employees here and I dont really want to maintain this list. With other plugins you dont have to pre create usernames.

Thanks for any response.

http://clifgriffin.com clifgriffin

Hi David,
I chose to emphasize simplicity in this plugin design. I wanted something that would “just work” unlike many of the bloated, non-functioning LDAP plugins available.

The fact that you’re commenting on my plugin is probably because you have tried one of these unsuccessfully like I did.

That said, I will investigate whether or not I can reliably create users based on group membership and consider adding it in an “advanced features” section.

My primary goal will be not breaking existing users installations though.

Thanks for weighing in!
Clif
http://restraint.org Jairus Khan

My situation is similar; this plugin would be perfect if it could create use LDAP users without matching wordpress users (or create new wordpress users upon first login and populate the data from LDAP).

Pingback: Clifton Griffin | Comments out of order in Wordpress 2.7? |
Lars

works like a charm. Had to install php-ldap on RedHat 5.3 Enterprise, so if you get an error about a missing function, check that you have ldap support in PHP.
Lars

I have a question, can I use some visible login plugin with this? I prefer to have a user/password field directly in the sidebar over having to use the meta-plugin. I tried sidebar-login, but it uses the old wordpress login…
Lars

got another problem here… I installed the “gear” Theme, now LDAP auth doesn’t work anymore… switched back to default, works again. I have no idea what happens here, since I guess the login procedure is the same for every theme?

http://clifgriffin.com clifgriffin

That’s strange. Can you link me to the gears theme?

http://blog.oeschey.de Lars

it’s here
http://wordpress.org/extend/themes/gear
http://blog.oeschey.de Lars

did you have a chance to check that problem yet?

http://clifgriffin.com clifgriffin

Hi Lars,
I’m not sure why it would fail with that theme. My plugin’s primary action is redefining the wp_login function.

I have searched through the gear theme’s files and can’t find any place it is redefining that function.

As someone using the theme, can you think of anything it does differently as pertains to logins? Does the theme have a custom login page I’m not seeing?

I suspect that this is ultimately a problem with the theme as this is the only theme related complaint I’ve had about this plugin.

Justin

Many thanks for the simple plugin that just works. I’ve wasted a lot of time trying to get WordPress, Pebble, and Blojsom to work with Kerberos or Active Directory using various plugins.

While authentication with Active Directory is now working great, I’m still interested in omitting the login prompt for users who have already authenticated with the secured Apache web server via Kerberos. Are you able to pull the user’s name from the existing session to automatically log the user in or is there another solution?

Justin

Okay, I answered my own question.

The plugin “http-authentication” logs users in who have already authenticated with the web server. “http-authentication” will also create new WordPress accounts. To avoid making users click “Log in”, just start them on the page “/wordpress/wp-login.php” instead of “/wordpress”.

Whittet

Thank you Justin!!!!!!!!!!!

HTTP Authentication plugin solved it for me too. I have it working on WAMP. I just need to try setup for a LAMP now.

http://Internalwebsite Nazeer

Hi Clif,

I tried this plugin in our internal LDAP setup using WP 2.7.1. Unfortunately, it doesn’t work (I wonder even it is called from WP!). I have activated the plugin and put required settings. I didn’t add required suffix as we have no suffix.

Any help.

Regards
Nazeer

http://clifgriffin.com clifgriffin

Hi Nazeer,
I have no ideas that I haven’t already shared with other users in these comments.

The underly functionality is completely in adLDAP. If the plugin isn’t working, there is something about your environment that is preventing adLDAP from working.

What LDAP provider are you using?

Clif

Christopher Crisis

Excellent plug in. I was able to easily configure to allow users from our Active Directory. I did however, have to follow .2 from the old instructions:

“2. Customize settings by modifying adLDAP.php in /plugins/simple-ldap-login/ ”

Not sure why that is, but it was the only way I could get the configuration to work.

Again, nice work….

~Chris

http://clifgriffin.com clifgriffin

That’s really weird!

Glad you got it working.

Christopher Crisis

Why weird? should it have worked by simply configuring from the Plugin Admin screen????

http://clifgriffin.com clifgriffin

Yes sir, that’s how I use it and how everyone else (that is using the new version) has been using it.

What version of PHP are you using?

Christopher Crisis

PHP Version 5.2.9-1

http://clifgriffin.com clifgriffin

Well there goes that theory. I thought that perhaps there was an issue with PHP 4 and the scope of WordPress’s global variables. (Which wouldn’t make complete sense since WordPress works fine on PHP 4 as far as I know.)

Next question: Do your suffix, DN, or DC have any abnormal characters in the in them?

http://localhost spar

Hi,

i installed the Simple LDAP Login 1.2 in my wordpress Version 2.7.1, now i want authenticated my user throw openldap.

I have configured the simple ldap login in wordpress Admininterface.

Details:
BN:dc=openldap,dc=com
Domain Controllers: localhost

The login have no function and there are now connections in the ldap logs from the localhost.

Any Ideas?

http://clifgriffin.com clifgriffin

Make sure you have wordpress accounts with the same usernames as your LDAP accounts. This plugin simply attempts to authenticate any wordpress user against LDAP.

This plugin does not create users that do not exist. Because of this, it’s primarily intended to be used with
http://clifgriffin.com clifgriffin

Do you have wordpress accounts for the accounts you’re trying?
http://clifgriffin.com clifgriffin

Hi Spar,
I have posted a new version that *may* work with OpenLDAP. Unfortunately, I haven’t been able to test this functionality yet.

You can access it here:
http://downloads.wordpress.org/plugin/simple-ldap-login.1.3.zip

http://www.andretenreiro.com Andre

I have installed WP 2.7 and the plugin does not work for me!

I think I have setup the plugin correctly but when I try to login is shows me an “Invalid username”.

LINE 50: $user = get_userdatabylogin($username);

Some Code I tested:
ADD LINE 51: echo $user; (RESULT -> NULL)

So, the next comparison will be always false.

LINE 52:
if ( !$user || ($user->user_login != $username) ) {
do_action( ‘wp_login_failed’, $username );
return new WP_Error(‘invalid_username’, __(‘ERROR: Invalid username.’));
}

Please help me to figure it out the problem!

http://clifgriffin.com clifgriffin

I use this plugin in an environment with over 20,000 Active Directory accounts. (Only a handful have access to our blog)

I just verified that my version of the plugin is the same as yours.

The lines you reference avoid two scenarios:
1. Someone clicks login without putting a username.
2. Someone inputs a username that does not exist in the WordPress system.

Make sure you have wordpress accounts with the same usernames as your LDAP accounts. This plugin simply attempts to authenticate any wordpress user against LDAP.

This plugin does not create users that do not exist. Because of this, it’s primarily intended to be used with smaller systems.

Regards,
Clifton

http://www.andretenreiro.com Andre

Hello,

I dont have WP accounts! Is it possible to create them with the first LDAP Login?

According to the scenarios:

1. I don’t leave any empty field.
2. the username definitely exists in the LDAP (I’m 100% sure because I’m the system administrator).

http://www.andretenreiro.com Andre

I expect the account to be created within the first LDAP succeeded login, or it doesn’t work this way?

http://clifgriffin.com clifgriffin

No, it doesn’t work that way.

I eventually would like to add that option but I can’t warrant spending the time at this point. (It’s a fairly complicated feature)

http://www.andretenreiro.com Andre

Anyway, I created a new user with the same username but differents passwd as in LDAP directory.

Although, it logins successfully only with the WP internal password. It seems that the LDAP fails or it doesn’t connect to the ldap at all.

Aaron

Similar to ealier comment, I have come across another theme which apparently “break” ldap login. This is the “Ahimsa” theme. The ldap plugin works like magic with all the other themes that I’ve tried. When I apply the Ahimsa theme, I get an “invalid password” error. Doesn’t appear to be using any customized login screen. Looks like the standard login screen.

http://clifgriffin.com clifgriffin

I really do want to figure out what the issue is on this, but my schedule does not permit it at the moment.

If a theme breaks it, I have to think the theme is doing something incorrectly. That sounds like an excuse, but I think it’s a pretty reasonable assumption. My plugin works with the vast majority of themes…including the ones written by WordPress.

Does anyone else know of reason why a theme can break a plugin like this?

http://robertovargas.wordpress.com/ Roberto

Hi,
I am trying to implement a WordPress 2.7.1 with simple LDAP Login, but It’s doesnt work for me. My DN is “ou=Users, ou=OxObjects, dc=pyaing, dc=cl”. We dont have a suffix, and our ldap server is using OpenLdap. I get all the time a incorrect password error. In this same wordpress server I have a PHP Intranet that is using LDAP authentification correctly, so communication between the two machines is ok, and I know PHP-LDAP is working.
what could be wrong?

Thanks

http://clifgriffin.com clifgriffin

Hi Roberto,
I have posted a new version that may work with OpenLDAP. You can download it here:

http://downloads.wordpress.org/plugin/simple-ldap-login.1.3.zip

This version has not been tested with OpenLDAP, because I don’t have that capability. But it uses Olivier Fontes’ code, which has been proven to work.

Clif

http://robertovargas.wordpress.com/ Roberto

Hi,
I have WordPress 2.7.1 with the simple LDAP plugin, but I can make it work. My DN is ou=Users, ou=OxObjects, dc=pyaing, dc=cl, and the server is using OpenLDAP. I have created a user with the same name that in LDAP, but I keep getting a password error message. In this same wordpress server I have a Intranet written in PHP and that authenticates with LDAP, so i know that PHP-LDAP is working.
What else could be wrong?

Thanks

http://clifgriffin.com clifgriffin

Hi Roberto,
My first instinct is that your DN shouldn’t have OU’s in it. I would check that first.

Clif

http://robertovargas.wordpress.com/ Roberto

It worked finnaly, but with a implemmentaion of your plugin by Olivier Fontes, the MXC LDAP plugin. I dont know what was the difference between the two plugins, only that he made it to work with OpenLDAP.

Thanks for a great plugin, and keep the good work!!!

http://clifgriffin.com clifgriffin

Interesting. I was unaware of that plugin’s existence.

I will do some research into adLDAP and if it is imcompatible with OpenLDAP (and others) I will consider changing it out for something more universal.

Thanks of your feedback!

Vinod

First, Thanks many for your efforts. I am trying to set this up. I am not sure about the values to be fed in to the plugin settings page. Can you please provide a test login success/fail option in the settings page to easily validate?. Thanks again.

http://clifgriffin.com clifgriffin

Thanks for commenting. The values can be a bit tricky to figure out if you are not extremely familiar with LDAP.

A test login page is a good idea…I will try to include that in the next version. Unfortunately I don’t have a time frame for when it will be available but intend to work on it some in the next couple of months.

Two browsers might help you tweak the settings while testing them in real time.

Eliot Lear

Evaluated plugin, and found it basically functional. Unfortunately we need something slightly more robust that carries other identity information.

Thanks for the running code example.

http://clifgriffin.com clifgriffin

Thanks for the feedback. I’m not sure what you mean by more robust or the identity information.

I’m planning on adding more features, including the ability to grant users access based on a group, including auto account creation for new users in that group. I’d also like to move to a method that works well with both Active Directory and OpenLDAP. (Reports seem to indicate it doesn’t work with OpenLDAP at all.)

Could you give me more information on specifically what your needs were?
http://clifgriffin.com clifgriffin

Eliot,
I have posted an updated version of the plugin that may fit your needs. You can download it here:

http://downloads.wordpress.org/plugin/simple-ldap-login.1.3.zip

http://www.shaneschnell.com Shane Schnell

Great plugin!
I have been using it quite a bit, but I do have a question. I work at a large organization, and lots of people want blogs. I have setup a script that installs wordpress, extracts all themes and plugins, etc… I was wondering when you update the settings where is it stored? Is there a config I can open and edit?
Thanks, and keep up the great work!

http://clifgriffin.com clifgriffin

Thanks for the kinds words. I use WordPress’s internal setting routines. I’m not sure how they are stored, but the method I use is wp_options. It probably stores each of them in a common table.

Hope that gives you a good starting place.

http://www.shaneschnell.com Shane Schnell

That did the trick! Thanks for the quick response.

http://www.multnomah.edu LeRoy Lee

I have installed this on several blogs. It is working great. So much simpler and more functional than the beasts I had been using. I was surprised how quickly I had it set up because our AD config seems to be “complicated” for everything else we use.

http://clifgriffin.com clifgriffin

Thanks for letting me know. I developed it precisely because I couldn’t get any other offering to work. I needed it to be simple.

Guest

Does not work, dont know what the issue is.
All it accepts is the worpress username and password.

http://clifgriffin.com clifgriffin

Are you using Active Directory or some other LDAP installation?

Do you have accounts in LDAP with the same usernames as WordPress?

Pingback: Simple LDAP Login 1.3 Beta Released « Clifton Griffin
Pingback: Simple LDAP Login 1.3 for Wordpress « Clifton Griffin
Pingback: Craig’s Work Blog » Blog Archive » Some recently useful WordPress plugins
simo

yo!! thanks for EXCELLENT plugin!!
http://clifgriffin.com clifgriffin

Hi Darren,
I mistyped. Thanks for calling my attention to this.

The download includes a folder (/simple-ldap-login/) with two files (Simple-LDAP-Login.php and adLDAP.php).

Simply modify adLDAP.php…as I have recommended…in place. You don’t have to move it. I’m not sure why I said to modify it in the backup folder. Creating a backup folder is not a bad idea though as this prevents adLDAP from being blown away by updates.

Please let me know if you have any issues and I will help you get this to work.

Cordially,
Clifton
http://clifgriffin.com clifgriffin

I have updated the readme in the official download. Thanks again for your feedback.
http://internal Darren

Kicking my ars here over this. I’m running a homebrew PHP site that does LDAP via PHP. Beneath the root I’m running a WordPress site and I’m trying to use your simple ldap to provide the auth.

I don’t get it. It just won’t work…always says invalid username.

Here’s the only things I’ve changed.

// You will need to edit these variables to suit your installation
var $_account_suffix=”@danisco.com”;
var $_base_dn = “DC=ad1,DC=danisco,DC=com”;

// An array of domain controllers. Specify multiple controllers if you
// would like the class to balance the LDAP queries amongst multiple servers
var $_domain_controllers = array (“server.ad1.danisco.com”);

// optional account for searching
var $_ad_username=”ad1\userid”;
var $_ad_password=”password”;
http://clifgriffin.com clifgriffin

The only thing that seems odd right off the bat is your $_ad_username=”ad1\userid”;

You might not need the ad1\ part.

Also, you need to make sure userid has access to read your active directory structure. (read pretty much everything) (Edit: It turns out that this part was completely unnecessary. I have removed it…please download the latest version.)

I would test the account using something like ADSIEdit and make sure you can view the chosen accounts. (You can use runas from CMD to run mmc.exe as that user and then add ADSIEdit as a snap in.)

I have only tested this using Active Directory so if you’re using another LDAP implementation, that could cause problems?

Beyond that, if your domain is ad1.danisco.com and your domain controller is server.ad1.danisco.com…it should work. Make sure you ping the latter from the server in question. You might try running nmap against it to verify the proper ports are open.

These ports were open on my server:
88/tcp open kerberos-sec
111/tcp open rpcbind
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
1026/tcp open LSA-or-nterm
1027/tcp open IIS
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3389/tcp open ms-term-serv
13722/tcp open VeritasNetbackup
13782/tcp open VeritasNetbackup
13783/tcp open VeritasNetbackup

Obviously most of these have nothing to do with LDAP, but if you can’t telnet to any of the ldap related ports (including Kerberos), this could be a routing/firewall issue.

Good luck and please let me know if you continue to have troubles.
http://clifgriffin.com clifgriffin

One more note:
We have our domain setup to allow all authenticated users to read. In ADUC (active directory users and computers), I can right click at the top node in tree and go to properties and the security tab. We have “Authenticated Users” there. If you are going to use one user account to accomplish this and not let others read all, you’ll need to add that user account there.
http://clifgriffin.com clifgriffin

Darren and I resolved this issue via e-mail. His wordpress accounts were not using the same username as his LDAP accounts. I have clarified this aspect in the documentation.
http://internal darren

I’ll try it without the AD1\ and see what I get. The account I’m using is being used on this server already as an LDAP auth for the root PHP based web site. It ‘should’ work with this one. I don’t know why it wouldn’t, it has the proper rights, etc. Do you know if there’s a way to ‘trace’ what’s happening during your auth session?

We are using Active Directory and I’m trying to auth against the local domain controller, which is a Win2K3 Std server.

I’ll run the port checks you indicated and see what I get. I’m headed to NYC for 3 days so I might be delayed a bit.

Thanks for the help!!!
http://clifgriffin.com clifgriffin

I didn’t write any of the AD code. It’s using adLDAP.

There might be a way to log what adLDAP does…I’m not sure. Let me know what happens after those changes and we’ll see what we can do if it continues to not work.
http://internal darren

didn’t work by removing the AD1\

I downloaded the adLDAP but didn’t notice any logging ability. I’ll keep tinkering.
http://clifgriffin.com clifgriffin

Darren,
I just released version 1.1.

This version upgrades adLDAP to 2.1, moves the settings to the administration panel, and completely removes credentials as adLDAP does not need them to use the authenticate function.

Please install this version, change the settings in the administration panel under Settings -> Simple LDAP Login, and let me know if this works.

Thanks for helping me work on these issues.

Clif