Back to limesurvey.org

Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

AuthLDAP inner workings

  • ViliusS
  • ViliusS's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
4 years 1 month ago - 4 years 1 month ago #207840 by ViliusS
AuthLDAP inner workings was created by ViliusS
I have successfully configured AuthLDAP plugin to authenticate LimeSurvey against ActiveDirectory however I want to know more how exactly AuthLDAP works. My questions are:

1) Can I disable LimeSurvey internal database so I can use only LDAP?
2) If yes, what happens if my LDAP server will be unavailable? Will public survey execution work for my users? Is there a way to switch Internal Auth database ON again without a user interface?
3) How exactly "Allow initial user to login via LDAP" option work?
4) Can I use LDAP login via API to get a session token for /remotecontrol link?
5) If I enable "Check to make default authentication method" in plugin configuration will the default authentication method change for API logins on /remotecontrol too?
Last edit: 4 years 1 month ago by ViliusS.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team & Official Partner
  • LimeSurvey Community Team & Official Partner
More
4 years 1 month ago #207843 by DenisChenu
Replied by DenisChenu on topic AuthLDAP inner workings
1. I don't think, but each user have a rigt (or no) to login via Auth.
2. No change on public execution, only log in are disabled. No way to disable except remove the AuthLdap file (or update via DB) but : user without AuthDB right still can not log in.
3. The initial user admin is user #1, by default ;: he can not log via LDAP (it was created before config was set) with he can : github.com/LimeSurvey/LimeSurvey/blob/82...AP/AuthLDAP.php#L448
4. Yes, because LDAP have user/password. See www.limesurvey.org/manual/RemoteControl_2_API#get_session_key , the plugin parameter
5. No change : default is for GUI login only, for remote see www.limesurvey.org/manual/RemoteControl_2_API#get_session_key
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
  • ViliusS
  • ViliusS's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
4 years 1 month ago #207844 by ViliusS
Replied by ViliusS on topic AuthLDAP inner workings
Thank you. One more question. If I create a user from LimeSurvey GUI with type set to LDAP or if I the user is created automatically by the initial login process I assume it sets a password in the Authdb too? Is it some kind of random password and can I use it in case of LDAP failure (assuming that Authdb rights are given to the user)?
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team & Official Partner
  • LimeSurvey Community Team & Official Partner
More
4 years 1 month ago #207845 by DenisChenu
Replied by DenisChenu on topic AuthLDAP inner workings
If you create the user : you have to set a password (in my opinion : it's an issue : bugs.limesurvey.org/view.php?id=13222 )

If user was created via LDAP : have password github.com/LimeSurvey/LimeSurvey/blob/82...AP/AuthLDAP.php#L286 (still an issue)

Then : user can ask a new password too (for example)
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
  • ViliusS
  • ViliusS's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
4 years 1 month ago #207847 by ViliusS
Replied by ViliusS on topic AuthLDAP inner workings
So what default password does LimeSurvey set if a user is automatically created on LDAP login? Is it random?
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team & Official Partner
  • LimeSurvey Community Team & Official Partner
More
4 years 1 month ago #207856 by DenisChenu
Replied by DenisChenu on topic AuthLDAP inner workings
Yes : github.com/LimeSurvey/LimeSurvey/blob/82...mon_helper.php#L2275
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
Moderators: holchtpartner

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans
Get started

Legal

About Us

Open Source