Ldap

system · December 7, 2015, 8:29pm

juggernautsei wrote on Monday, December 07, 2015:

I have been digging around and I can’t find any documentation that clearly states that the LDAP integration was done. I have searched the code and found the ADLDAP plugin in the library and a config file.

Does it work is my question?

system · December 7, 2015, 8:47pm

tmccormi wrote on Monday, December 07, 2015:

I don’t think any one has done this for the community. Ensoftek did it for Peace Corps. They might be able to peel it out as a module/add-on given time. We have permission to release that and some of the the other stuff too. It’s just complicated to untangle it.

system · December 7, 2015, 11:00pm

juggernautsei wrote on Monday, December 07, 2015:

Ok thanks Tony. It just seems odd that all the pieces are there but they don’t connnect.

system · December 7, 2015, 11:07pm

tmccormi wrote on Monday, December 07, 2015:

What pieces are your referring too? I don’t ever recall seeing any LDAP stuff, but the code base is huge …

system · December 7, 2015, 11:42pm

tmccormi wrote on Monday, December 07, 2015:

Ah, I see. Nothing I can find calls the library functions adLDAP_auth.inc

and There are definately deprecated mysql calls in the library …

system · December 8, 2015, 6:09am

visolveemr wrote on Tuesday, December 08, 2015:

Hello Sherwin

You can achieve LDAP authentication with OpenEMR through php ldap functions. For login authentication process, customizations needed in ‘library/auth.inc’ file.

FIrst to establish the connection to the ldap server, use ldap_connect function. And to bind with the connected server, use ldap_bind function. Using these functions, LDAP authentication with OpenEMR can be achieved.

Hope this helps.

Thanks
OpenEMR Customization/Support Team,
ViSolve Inc
services@visolve.com | Phone: 408-850-2243
Demo’s @ ViSolve Demo Library

system · December 9, 2015, 2:44pm

juggernautsei wrote on Wednesday, December 09, 2015:

I’ll check out auth.inc file.

Tony, I went through all the files in the library/adLDAP folder and you are right that code is deprecated. It should be removed from the code base if possible.

system · December 19, 2015, 11:27am

sapiens110 wrote on Saturday, December 19, 2015:

Hi Sherwin,

Did you manage to get the LDAP integaration done?

Regards,

system · December 19, 2015, 8:00pm

juggernautsei wrote on Saturday, December 19, 2015:

No we paused on that for now. It was too much work and we only have a for
more days till go live and we are going to circle back around to that.
I took a look at the auth.inc as suggested however there is nothing that is
prebuilt. It would have to be all constructed. So, that is why we backed
off from this for right now.

system · December 26, 2015, 9:36am

sapiens110 wrote on Saturday, December 26, 2015:

Hi Visolve and Sherwin,

Sherwin, Thank you for your response.

Visolve, if there is work done and the code is ready, We would like to sponsor as we have clients waiting for it, Otherwise we have to dig in to it on our own since Sherwin’s project is also on hold.

Regards,

system · December 28, 2015, 5:59am

visolveemr wrote on Monday, December 28, 2015:

Hello Sapiens110,

We have experience in LDAP Integration. We can accomplish LDAP Integration in a week or two and provide support for couple of weeks. Please email services@visolve.com for more information.

Thanks,
ViSolve Services & Support Team.

system · December 28, 2015, 9:57pm

tmccormi wrote on Monday, December 28, 2015:

Here is the code pulled from one of our projects (Peace Corps). I can’t test it at all but it might be a good place to start. Rather than from scratch.

system · December 30, 2015, 12:32pm

juggernautsei wrote on Wednesday, December 30, 2015:

Hey Tony!
Thanks for the code!!
It will be a huge help in getting this working. I really appreciate this.

system · December 30, 2015, 7:14pm

tmccormi wrote on Wednesday, December 30, 2015:

There is definately some stuff the is custom for PCorps, look for the things that refer to HQ Post OU and country codes.

As well as some "WARNING text that was required by them

system · January 7, 2016, 5:38am

tmccormi wrote on Thursday, January 07, 2016:

You are going to need this:
#IfNotTable adldap_config
CREATE TABLE IF NOT EXISTS adldap_config (
id int(11) NOT NULL AUTO_INCREMENT,
account_suffix varchar(255) NOT NULL,
base_dn text NOT NULL,
domain_controllers varchar(255) NOT NULL,
ad_username varchar(255) NOT NULL,
ad_password blob NOT NULL,
real_primarygroup tinyint(4) DEFAULT ‘0’,
use_ssl tinyint(4) DEFAULT ‘0’,
recursive_groups tinyint(4) DEFAULT ‘0’,
excluded_users text NOT NULL,
hq_ou varchar(16) DEFAULT NULL,
local_ou varchar(16) DEFAULT NULL,
default_group varchar(255) NOT NULL,
authorization tinyint(4) NOT NULL DEFAULT ‘2’,
calendar_ui tinyint(4) NOT NULL DEFAULT ‘0’,
active tinyint(4) NOT NULL DEFAULT ‘0’,
created_date timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
updated_date timestamp NULL DEFAULT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
#EndIf