Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Ldap Authentication Mod

Started by psa, July 02, 2008, 05:53:13 AM

Previous topic - Next topic


Yup, you have my interest, I've been looking for a proper LDAP mod that's actively supported. I know of a lot of people that would like this mod also.


So far as I know, this mod still works on current versions of 1.1.x.  I tried to make it as upgradable as I could.

For SMF 2 it looks like all the database calls will need to be rewritten, and the configuration screens will need to be entirely redone.  I'm not even sure how to do this second part in SMF 2, so I'll have to do some research.

Mr. Jinx

I have recently installed this on a SMF 1.1.11 install with AD. Works perfect.
Now I hope development of this mod continues to SMF 2!
Shouldn't this mod be submitted as an official ldap mod in the modification-section?


There's an explanation in one of the first few pages that they rejected this mod because it depends on third party systems (the LDAP server).  While I disagree very strongly with this assessment both of the situation (an LDAP server is no more an external dependency than the webserver, PHP engine, or the browsers that users access SMF with) and with the small mindedness of discouraging larger systems integration like this, SMF is not an open source project and has no obligation to the community.  I respect their right to make these decisions for themselves, even when they shoot themselves in the foot.

I pursued it further than that, but they were very clear that this was considered an unsupported "bridge", and they wouldn't discuss it further.

Still researching SMF 2 mods.


Note that that was 2 years ago, times and attitudes can and do change.

There are mods that rely on third party services currently available; most of the anti spam ones do, so there is definitely precedent for it.


Yes, and there was a previous, less-thorough ldap mod accepted, which was still available on the mod site when I submitted, so I don't expect any particular level of consistency in these decisions.

If you think it is worth resubmitting this mod, I will do so.


I would, folks can make use of it.

Certainly when I was on the cust team I wouldn't have thrown it out on the basis of a third party requirement, and if there's an argument I can find you multiple mods that have dependencies outside of the basic SMF+server environment.

The one problem is that it is harder to test and validate the mod for security and performance because few team members (if any) will have an LDAP environment to test against.


There is still a mod entry for it, number 1283: "Warning: This mod has been removed from the approval queue".  Should I make a new one, or somehow ask that the old one get reviewed?

I notice that the very old (2005) mod for SMF 1.0 is still present, even now.


You can send the SMF Customization Team (account #1) a PM and they can reopen the mod, including you updating it if you wanted to.


Just would like to add, i have been running this mod for about 18 months now, and i havent had to touch it since, once setup does everything we could ever want
(15:10) <@DV> !ban Ard-Choille
(15:10) -ChanServ- Banned Ard-Choille from #deluxe.
(15:10) <@DV> Man that felt good

Mr. Jinx

Some extra input for the (possible) next vesion.

First I tried LDAP with AD, this worked without problems.
Then I tried to connect to our global LDAP server which doesn't run AD. This time it couldn't bind to the server.
After modifying the code with this patch from jcwatson11 : everything works smooth!
So it might be worth to take a look at that.

Finally we have a corporate forum thanks to this mod 8)


First time here. Just started using SMF as a staff community forum at an Educational establishment here in the UK. We really want this to talk to AD so that our teachers don't have to remember yet another username and password!

I have a budget waiting if somebody wants to get this working in 2 RC3. It will be shared with the community if done.  :)

Please PM me if you are interested in undertaking this work.




Hello, where I can download the latest version of your algorithm LdapAuth?
Mr. Jinx

Mr. Jinx

First of all, I didn't make it (read this post:
But here is the modified file I use to get LDAP (non AD) working. It contains all the changes from jcwatson11's post.


Quote from: Mr. Jinx on June 16, 2010, 11:01:47 AM
First of all, I didn't make it (read this post:
But here is the modified file I use to get LDAP (non AD) working. It contains all the changes from jcwatson11's post.

This LDAP working on latest version right ??

Thank youi

Mr. Jinx

No, this is for latest smf 1.x.x



I used it on smf 1.1.11/Linux mandriva 2010.1 and OpenLdap
It works fine !
But, manually installed because package seems corrupted by package manager

Before (smf 1.0.5) I used another mod, but it doesn't work with 1.1.11

So thanks for this great job !


Anyone make any progress with the port to 2.x?


I definitely have use for LDAP integrations.

I think one reason that you were hearing crickets is because most users have small one man sites or fairly simple sites, perhaps using a bridge, what ever. Not many would want to run a separate LDAP server is my guess.

Also, something even more important is that there are so many products which come to light, people start using them then the dev gives up on it and now that we are depending on this, are SOL for security and other updates.

I myself prefer to pay for these types of things and have some sort of promise that it'll be around for a while.

So, we're using SMF 2.0 RC4 I believe, what's the status on your product?