It just works. Fill in the settings and off you go. If you have an LDAP user, login as them. If the auth fails Elgg tries the next auth handler.
If you have an LDAP user that doesn't have an Elgg account, set the plugin to auto create users. If you can login as that user then the LDAP plugin works.
Adriano,
When I first looked at this problem (about a year ago), I had challenges getting the downloadable LDAP plugin to work. I was a real elgg newbie at the time and couldn't find info, so instead of trying to get that fixed, I simply went to the login.php and messed with it (I didn't know how to write plugins at the time).
Our AD/LDAP environment is a bit unusual - I don't what to describe it here for security reasons.
What I can do is share snippets of where I changed code to allow for LDAP authentication while still allowing authorized Elgg users (such as test accounts and special accounts that are not in LDAP) access. I then removed the registration code and links so the only way to create users through elgg would be for the site-admin to add users. There is also no longer a need for password reset/change and disabling of accounts are all done through the AD/LDAP. Also, to prevent the local Elgg accounts that matches the LDAP account from being used if the original login.php got reenabled for some reason (such as after an upgrade), I reset the elgg password to a new random hashed key everytime the LDAP user logs in.
I'll be really tied up today but maybe I can post the snippets next week if you are interested. If you can get the LDAP plugin to work for your environment, that will be preferred.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.