2013-09-10, 08:17 PM
I had to integrate MyBB into an OpenLDAP server, but there was no real working module to do this. The closest I could find was Rukbat's mybbldap mod at http://mods.mybb.com/view/mybbldap. I made extensive modifications to this code and am uploading it here for others to play with, and/or modify.
Changes from the original include:
1) It now interfaces with OpenLDAP, in addition to Active Directory
2) It now can send authentication over TLS, instead of just in the clear.
3) It will now provision a user account, if it doesn't exist locally. The mod will query the OpenLDAP for the user's email and use it when provisioning the local account.
4) For those who want OpenLDAP only registration/authentication, there are some additional notes in the readme file, that will will make it register and authenticate only with OpenLDAP, except for previously existing local accounts, like the admin user. WARNING! This requires some minor hacks to a couple of core files, unless you can figure out a rewrite rule, instead. If you do, please update the documentation!
I mainly do Drupal development, so forgive me if I'm not coding things correctly. I have used Rukbat's original code as a guide to do my programming. Also, this is my first go at using PHP to interface with LDAP.
I have tested this code against an OpenLDAP server in the clear and also using TLS. I have tested account provisioning and and validated the password and salt to ensure they match MyBB's algorithm. I also validated that it will pull the first available email from the user's OpenLDAP account. Everything appears to work well. Give it a try and see if it works for you.
Changes from the original include:
1) It now interfaces with OpenLDAP, in addition to Active Directory
2) It now can send authentication over TLS, instead of just in the clear.
3) It will now provision a user account, if it doesn't exist locally. The mod will query the OpenLDAP for the user's email and use it when provisioning the local account.
4) For those who want OpenLDAP only registration/authentication, there are some additional notes in the readme file, that will will make it register and authenticate only with OpenLDAP, except for previously existing local accounts, like the admin user. WARNING! This requires some minor hacks to a couple of core files, unless you can figure out a rewrite rule, instead. If you do, please update the documentation!
I mainly do Drupal development, so forgive me if I'm not coding things correctly. I have used Rukbat's original code as a guide to do my programming. Also, this is my first go at using PHP to interface with LDAP.
I have tested this code against an OpenLDAP server in the clear and also using TLS. I have tested account provisioning and and validated the password and salt to ensure they match MyBB's algorithm. I also validated that it will pull the first available email from the user's OpenLDAP account. Everything appears to work well. Give it a try and see if it works for you.