I can confirm that we are using our Active Directory LDAP instance with WebPA 2. Most of our users login via the LTI but there are some that need direct access.
It is a while since I set it up but I would be happy to answer any direct emails about the changes I needed to make to our code to get it to work,
All the best,
Andrew Millington | Academic Applications Development Software Developer
IT Services | Room 0.036 | Polwarth Building | University of Aberdeen | Foresterhill | Aberdeen | AB25 2ZD
Tel: +44 (0)1224 43 7056 | Email: [log in to unmask]
From: WebPA [mailto:[log in to unmask]] On Behalf Of Stephen P Vickers
Sent: 13 April 2016 11:47
To: [log in to unmask]
Subject: Re: WebPA LDAP support
I believe there are users out there who are using LDAP with WebPA 2. I certainly tested it against an LDAP server but have never used it in a production environment. What error message does it give you when you try?
It should be a matter of uncommenting the line in the inc_global.php file:
// $LOGIN_AUTHENTICATORS = 'LDAP';
You may also want to comment out the line:
$LOGIN_AUTHENTICATORS = 'DB';
or move it below the LDAP line if you want to give priority to LDAP authentication.
Then setting the constants:
The mapping allows you to specify the names of the LDAP attributes as used in your LDAP server, for example:
// Mapping of LDAP server attribute names (WebPA name => LDAP attribute
$LDAP_INFO_PARAMETERS = array('forename' => 'givenname',
'lastname' => 'sn',
'email' => 'mail'
The work is done by the LDAPAuthenticator class.
On 13/04/2016 10:15, Spark, Alistair wrote:
> Hi Claudio,
> I came to same conclusion as you - tried setting up WebPA for prod
> last week and came to the same conclusion & from the looks of this
> mailing lists’s archives no one has been able to get LDAP working in
> the last year due to this limitation. Seeing as similar threads to
> this one have remained without answer.
> We’re very much at a piloting stage so have resorted to manual accounts.
> Alternatively, I did note along the way though that an LTI 2.0
> integration is being worked on currently, this would allow for
> seamless integration with all VLEs including memberships & group syncs
> I believe which would make that integration a lot more useful.
> Figured that if the pilot is successful we’ll have to invest
> development time in getting this working, or just use LTI 2.0 if it addresses our needs.
>> On 7 Apr 2016, at 06:39, Claudio Iturbe <[log in to unmask]
>> <mailto:[log in to unmask]>> wrote:
>> I'm looking to setup an instance of WebPA here at Monash and would
>> like to know a little bit more about what LDAP is supported. Please
>> correct me if I'm wrong but it seems to me from looking at the code
>> that only AD LDS is supported as the code used does not support the
>> use of a DN for binding to the ldap server.
>> Kind Regards,
>> *Claudio Daniel Iturbe*
>> Technical Solution Consultant
>> Monash University
>> Office 111C 17 College Walk Clayton VIC 3800
>> Tel: +61 3 9902 0927
>> Mob: +61 414 578 890
>> Email: [log in to unmask] <mailto:[log in to unmask]>
>> /eSolutions Live/ – Self Help Central
>> <https://sites.google.com/a/monash.edu/esolutions/> **
> RVC Logo - link to RVC Website <http://www.rvc.ac.uk> Twitter icon -
> link to RVC (Official) Twitter <http://twitter.com/RoyalVetCollege>
> Facebook icon - link to RVC (Official) Facebook
> <http://www.facebook.com/theRVC> YouTube icon - link to RVC YouTube
> <http://www.youtube.com/user/RoyalVetsLondon?feature=mhee> Pinterest
> icon - link to RVC Pinterest <http://pinterest.com/royalvetcollege/>
> Instagram icon - link to RVC Instagram
> This message, together with any attachments, is intended for the
> addressee(s) only and may contain privileged or confidential
> information. Any views or opinions presented are solely those of the
> author and do not necessarily represent those of the Royal Veterinary
> College (RVC). If you are not the intended recipient, please notify
> the sender and be advised that you have received this message in error
> and that any use, dissemination, forwarding, printing, or copying is
> strictly prohibited. Unless stated expressly in this email, this email
> does not create, form part of, or vary any contractual or unilateral
> obligation. Email communication cannot be guaranteed to be secure or
> error free as information could be intercepted, corrupted, amended,
> lost, destroyed, incomplete or contain viruses. Therefore, we do not
> accept liability for any such matters or their consequences.
> Communication with us by email will be taken as acceptance of the
> risks inherent in doing so.
The University of Aberdeen is a charity registered in Scotland, No SC013683.
Tha Oilthigh Obar Dheathain na charthannas clàraichte ann an Alba, Àir. SC013683.