I have to connect my ldap with an existing ldap system with the following conditions:
Domain used is 12.14.4.38
Username 0000001 and password 123456.
I've opened this link , but I still don't understand how to use it. This is my adldap.php code
<?php
return [
'connections' => [
'default' => [
'auto_connect' => true,
'connection' => Adldap\Connections\Ldap::class,
'schema' => Adldap\Schemas\ActiveDirectory::class,
'connection_settings' => [
'account_prefix' => env('ADLDAP_ACCOUNT_PREFIX', ''),
'account_suffix' => env('ADLDAP_ACCOUNT_SUFFIX', ''),
'domain_controllers' => explode(' ', env('ADLDAP_CONTROLLERS', '12.14.4.38')),
'port' => env('ADLDAP_PORT', 389),
'timeout' => env('ADLDAP_TIMEOUT', 5),
'base_dn' => env('ADLDAP_BASEDN', 'dc=12.14.4.38'),
'admin_account_suffix' => env('ADLDAP_ADMIN_ACCOUNT_SUFFIX', ''),
'admin_username' => env('ADLDAP_ADMIN_USERNAME', '0000001'),
'admin_password' => env('ADLDAP_ADMIN_PASSWORD', '123456'),
'follow_referrals' => false,
'use_ssl' => false,
'use_tls' => false,
],
],
],
];
// Create a new Adldap Provider instance.
$provider = new \Adldap\Connections\Provider(connections);
$ad = new \Adldap\Adldap(connections);
try {
// Connect to the provider you specified in your configuration.
$provider = $ad->connect('default');
// Connection was successful.
// We can now perform operations on the connection.
$user = $provider->search()->users()->find('0000001');
} catch (\Adldap\Auth\BindException $e) {
die("Can't connect / bind to the LDAP server! Error: $e");
}
You didn't specify a dn/path nor did you enter a path for the admin
This is how it normally looks
Search host: 12.14.4.38
basedn: "ou=Users,dc=DRiski,dc=com" <- I use your username as an example
admin:"cn=admin,ou=admins,dc=DRiski,dc=com"
password: just the regular password
What is with the weird cn, dc, ou stuff... that is like a path/folder in wich it needs to look to find the user (or users/groups in the case of base dn)...
base dn: specifies where to look for the users, in this case: in the folder users, on the server Driski.com
That is also how you specify your admin (tell the server where to find the thing).
Solved?
If not, try connecting to your ldap using ldapadmin (or another administrative tool) such that you can see how it works, and what path to enter...
Related
I am trying to set up a application that will use PHPMailer with Gmail API functionality.
I have written my program and tested it and it worked great. The last step for me was to see if I could make the system a bit more secure and follow best practices by only requesting the scope that is needed.
This version of the code works.
$params = [
'clientId' => $clientKeys['clientID'],
'clientSecret' => $clientKeys['secretKey'],
'redirectUri' => $oauth2redirectURI,
'accessType' => 'offline'
];
$provider = new Google($params);
$options = [
'scope' => [
'https://mail.google.com/'
]
];
However, when I reduce the scope to this:
$params = [
'clientId' => $clientKeys['clientID'],
'clientSecret' => $clientKeys['secretKey'],
'redirectUri' => $oauth2redirectURI,
'accessType' => 'offline'
];
$provider = new Google($params);
$options = [
'scope' => [
'https://www.googleapis.com/auth/gmail.send'
]
];
The initial authorization works to get the refresh token and such.
However, PHPMailer no longer is able to send any messages as that user. Instead when attempting to send email messages, PHPMailer throws the following error:
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting1
I am making a module in Node.js where the user can make their own Livestream Bot for youtube. The module requires the user to provide their client id and client secret of their application. But how do I check if the client id and client secret they entered is valid and if it isn't throw an appropriate error. Is there an endpoint to do that?
There is no way of validating the client id or the client secret. The only way is to try them and if they dont work then display an error to the user.
You could maybe come up with a regex test for the client_id but i wouldn't recommend it as the format has changed several times over the years which would cause problems in your application.
I would just say try to use it if it fails give them an error message.
Note: I hope you are not prompting people to give you their client id and client secret as its against googles TOS for people to shire their client credentials if you are enc urging people to give you their credentials you are telling them to break the TOS.
Valid Code:
function ProjectValid($PostArray){
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://oauth2.googleapis.com/token',
CURLOPT_POST => true,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTPHEADER => [
'Content-Type: application/x-www-form-urlencoded',
],
CURLOPT_POSTFIELDS => http_build_query([
'code' => md5(time()),
'client_id' => $PostArray['ClientID'],
'client_secret' => $PostArray['ClientSecret'],
'redirect_uri' => $_SERVER['REQUEST_SCHEME'].'://'.$_SERVER["HTTP_HOST"].'/'.$URL,
'grant_type' => 'authorization_code'
]),
));
$Response = curl_exec($curl);
curl_close($curl);
if($Array=json_decode($Response,true) and isset($Array['error']) and $Array['error'] == 'invalid_grant'){
return true;
}else{
return false;
}
}
I am building an app using pouchdb and couchdb. The structure is that each user has its own database (I have activated per user option).
Then, to simplify let say there is a database that aggregates data for all users, a location database.
This database syncs with user databases.
For each user database, the user has role admin.
The location database, has an admin user as admin. Regular users are not added as admin to this database. Each document has a userId attribute. The sync between userdb and locationdb will be filtered by userID.
Now, when I login in the app as user, I have permissions to launch the sync between let say localdb on pouchdb and userdb on couchdb. Since user is admin on userdb. So far so good.
var remoteUser =
new PouchDB(
'https://domain:6984/' + 'userdb-' + hex,
{
auth: {
username: 'user',
password: 'password'
}
}
)
db.replicate.from(remoteUser).on('complete', function () {
db.sync(remoteUser, { live: true, retry: true })
.on('change', function (info) {
dispatch('syncPrintQueue')
console.log('sync remote user')
}).on('pause', function () {
console.log('user remote syncing done')
})
})
But then from the app I want to sync userdb to locationdb. As user I cannot do that. So I add auth as admin. And now I can launch the sync.
var remoteLocation =
new PouchDB(
'https://domain:6984/' + 'locationdb-' + locationHex,
{
auth: {
username: 'admin',
password: 'password'
}
}
)
remoteUser.replicate.from(remoteLocation).on('complete', function () {
remoteUser.sync(remoteLocation, {
live: true,
retry: true
})
.on('change', function (info) {
console.log('location remote syncing ')
}).on('pause', function () {
console.log('location remote syncing done')
})
})
dispatch('syncCompany', remoteLocation)
},
The problem is that now im logged in as admin in the current session.
What I am doing right now is store user info on localStorage right after login. And I use that for filtering or validating on couch. Instead of user returned from checking current session. Which would allow me to correctly filter server side.
Adding each user to the general database as admin is not an option. So the only idea I have is to move all the syncs and authorizations to a middleware in say rails or node.
Is there a solution within couchdb to manage this situation?
The standard persistent replication generally didn't scale to replicating infrequent updates from (or to) many databases. It has been improving with support for cycling through many permanent replications using a scheduler, so you could look at that to see if it is currently sufficient.
The interim solution has been the spiegel project which has listener processes that observe the _global_changes feed and match database names by regex pattern to identify which source databases have changed and need to be re-examined by one of its change or replicator processes.
I am a linux server administrator so I don't have nodejs programming experience.
The problem is that I installed nodejs for a specific laravel script for a mobile chat.
Now that I've configured everything and nodejs is running and web socket is also opened the script works but when new users signup they do it successfully while when trying to login an error (cat error) comes up.
I have verified that new signed up users added to db and that web socket is opened but I don't know why when users try to login it throws an error.
As server administrator I have checked all log files but I get nothing related to the problem.
Also enabled mysql query log and found that a sql query is already sent to mysql when trying to sign in with new created account
But I don't know why users can't sign in, that's why I suspect the backend server is not working.
Here are the lines of codes in "server.js" that is related to the problem
this.handleDisconnection(), this.store.revealNames.register(this.user).catch(e => {}), this.handler(o.enc({
publicMessageId: s,
error: !1,
grantedSettings: this.user.grantedSettings(),
posts: this.store.wall.all(),
rooms: this.store.rooms.all().map(e => e.parse(this.user, this.store.users)),
users: this.store.users.filter(e => e.canBeSeenBy(this.user)).map(e => e.parse()),
gifts: this.store.gifts.all(),
faces: this.store.faces.all(),
user: this.user.parse()
})), this.store.radio.startListening(this.user)
}).catch(e => {
this.user.isLogged = !1;
const t = {
error: !0,
message: "Øدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المØاولة"
};
try {
if (e.response.data.name) return t.message = e.response.data.name, this.handler(o.enc(t));
if (e.response.data.is_friendly_message && e.response.data.message) return t.message = e.response.data.message, this.handler(o.enc(t))
} catch (e) {
return this.user.isLogged = !1, this.handler(o.enc(t))
}
t.data.user.adminToken && this.store.adminTokens.push(t.data.user.adminToken), this.handleDisconnection(), this.user.isVirtual ? (this.store.virtualUserIds.push(this.user.reg_id), this.handler(t.data.user.defaultRoom)) : (this.store.revealNames.register(this.user).catch(e => {}), this.handler(o.enc({
publicMessageId: r,
error: !1,
cookie: e,
grantedSettings: this.user.grantedSettings(),
posts: this.store.wall.all(),
rooms: this.store.rooms.all().map(e => e.parse(this.user, this.store.users)),
users: this.store.users.filter(e => e.canBeSeenBy(this.user)).map(e => e.parse()),
gifts: this.store.gifts.all(),
faces: this.store.faces.all(),
user: this.user.parse()
})), this.store.radio.startListening(this.user))
}).catch(e => {
this.user.isLogged = !1;
const t = {
error: !0,
message: "Øدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المØاولة"
};
try {
if (e.response.data.name) return t.message = e.response.data.name, this.handler(o.enc(t));
if (e.response.data.password) return t.message = e.response.data.password, this.handler(o.enc(t));
if (e.response.data.is_friendly_message && e.response.data.message) return t.message = e.response.data.message, this.handler(o.enc(t))
} catch (e) {
return this.user.isLogged = !1, this.handler(o.enc(t))
}
})
I get the following error
Øدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المØاولة
In the above code there are two blocks, I get the error when trying to log in with the registered user.
why new signed up users cannot login?
I'm new to setting up Gitlab.
I have used the VSHN puppet module to install Gitlab in AWS.
The Gitlab server is running fine but the email invite is not working for anyone.
I have used the following configuration in site.pp file.
node 'client-ip-address' {
class { 'gitlab':
external_url => 'http://client-ip-address',
}
}
Could anyone please tell me what configuration is required to set up email notification?
Depending on your method of email, it will be configured with the gitlab rails option configuration documented here: https://github.com/vshn/puppet-gitlab/blob/master/README.md#usage
Documentation on examples for various email providers here: https://docs.gitlab.com/omnibus/settings/smtp.html#example-configuration
For example, the most basic one:
class { 'gitlab':
external_url => 'http://gitlab.mydomain.tld',
gitlab_rails => {
'smtp_enable' => true,
},
}
For gmail:
class { 'gitlab':
external_url => 'http://gitlab.mydomain.tld',
gitlab_rails => {
'smtp_address' => "smtp.gmail.com"
'smtp_port' => 587
'smtp_user_name' => "my.email#gmail.com"
'smtp_password' => "my-gmail-password"
'smtp_domain' => "smtp.gmail.com"
'smtp_authentication' => "login"
'smtp_enable_starttls_auto' => true
'smtp_tls' => false
'smtp_openssl_verify_mode' => 'peer'
},
}