Enable LDAP authentication (WebMail Pro 6 PHP)

From AfterLogic Wiki

Jump to: navigation, search

The idea of this approach is to check email and password by looking up the user in LDAP data directory. If lookup is successful and the password is correct, WebMail Pro continues with the login process - connecting to server, creating WebMail Pro account if necessary etc. If check against LDAP server fails, WebMailManager_AccountAuthentication exception is thrown.

In order to make use of this kind of authentication, download the plugin and extract it under data/plugins directory so that index file of the plugin is located at data/plugins/ldap-auth/index.php filesystem path.

After that, you need to enable and configure the plugin. That is done by modifying config.php file. Add the following to the array there: 

'plugins.ldap-auth' => true

And, in exactly the same way, you'll need to supply a set of access details. Each configuration value is explained below.

plugins.ldap-auth.config.host
hostname for connecting to LDAP server
plugins.ldap-auth.config.port
port for LDAP server access
plugins.ldap-auth.config.bind-dn
stands for user which is authorized to perform lookup on LDAP server
plugins.ldap-auth.config.password
access password for the above user
plugins.ldap-auth.config.users-dn
directory which contains user accounts (i.e. user directories)
plugins.ldap-auth.config.email-field
supply name of the field where user email is stored
plugins.ldap-auth.config.password-field
supply name of the field where user password is stored

Eventually, your copy of config.php should be filled with the content similar to the following: 

<?php
 
return array(
	'plugins.ldap-auth' => true,
	'plugins.ldap-auth.config.host' => '127.0.0.1',
	'plugins.ldap-auth.config.port' => 389,
	'plugins.ldap-auth.config.bind-dn' => 'cn=Directory Manager',
	'plugins.ldap-auth.config.password' => '123456789',
	'plugins.ldap-auth.config.users-dn' => 'ou=customers,ou=Service,o=my.domain.com,o=primary',
	'plugins.ldap-auth.config.email-field' => 'email',
	'plugins.ldap-auth.config.password-field' => 'userpassword'
);

That's it, your users should be able to log in, and each login attempt is verified against LDAP storage first, the credentials entered by users are comparied with fields referenced by 'plugins.ldap-auth.config.email-field' and 'plugins.ldap-auth.config.password-field' parameters. Please note that user password should be kept non-encrypted in LDAP storage for this to work. Of course, you can modify the plugin to implement more sophisticated checks.

Last edit: 2011/6/21

WebMail Pro PHP documentation

Installation


Configuring WebMail

Customization

Integration

Synchronization

Clustering

See Also

Retrieved from "http://www.afterlogic.com/wiki/Enable_LDAP_authentication_(WebMail_Pro_6_PHP)"