Last year I wrote about using JMapMyLDAP v1 to integrate Joomla 3 with Active Directory, however more recently I've been using JMapMyLDAP version 2.
The basics are still the same, essentially we want to improve the user experience of Joomla and allow the windows username and password to be automatically passed to the browser, and the user is automatically logged in.
The active directory integration is achieved with a free extensions provided by JMapMyLDAP. You can download the plugins from their website.
The documentation is located at:
The first step is to download the install packages from Shmanic, and install them on your Joomla site.
Regarding the configuration, here are some screen shots of how I implemented it on a Joomla 3 Intranet.
The host is the name or IP address of your LDAP server, in this case a Windows Domain Controller. The connect user is the name of the user we are using for the LDAP connection. In this case we are using an account called LDAP Service which is located in the Service Account OU that is within the AU OU.
CN=LDAP service,OU=Service Accounts,OU=AU,DC=yourdomain,DC=com
Here is an example of the LDAP Service account.
The LDAP Service account doesn’t need domain admin rights, just add it to the Domain Users group.
The Base DN should match your active directory, in this case DC=yourdomain,DC=com
The User DN / Filter for Active Directory should be set to (sAMAccountName=[username]).
For Active Directory, the Map User ID should be set to sAMAccountName.
The Map Full Name which is set to displayName, you will see below matches up with the Display name field of the user’s active directory account.
The Map Email which is set to mail, referred to the E-mail filed in the user’s active directory account.
For Single Sign In (SSI), where the browser automatically passes the users windows credential to Joomla and you don't have to type in your username and password, you will need to install the HTTP SSO plugin.
I hope these screenshots are helpful, and feel free to leave any hints and tips in the comments.