About

I’m the DevOps Engineer at The Network, Inc a technology company based in metro Atlanta. I attend the Splunk and DevOps meetups here when the occur. I’m a Microsoft certified Enterprise Administrator, and a Linux enthusiast. We’ve been working to re-provision our infrastructure using Powershell DSC.

Outside of work I develop in PHP and administer Debian Linux systems. I’m a fan of the Drupal project and have done several custom modules for it, including implementing the Stripe payment gateway for UberCart, tuning up the favorites module, as well as an SSO module for MediaWiki

Ways to find me:

3 Responses to About

  1. Hi Robert, i work at the Wolfsonian museum in Miami Beach and i’m having the hardest time with getting your wonderful MediaWiki NTLM extension to work. Is is possible to get a little bit of help? Essentially, this php statement: $rs = $cn->Execute($query); errors out with unspecified error. I have checked the value of $upn and $gc and they are user@domain.* and GC://domain.com respectively (obfuscated of course). I humbly appreciate it if you can please point me in the right direction. I’m using MW 1.23, php 5.3, IIS on Win2k8 R2. Thanks! -sul.

    • robertlabrie says:

      Hi Sul,

      Sorry for the delayed reply. I changed jobs recently and have been super busy. One thing I found after development is that if the web server isn’t a DC then it’s not able to look up accounts properly. Maybe delegating the computer account with read access in AD will solve. Otherwise, the easy fix was to change the “Connect As” setting in IIS and entering credentials for a domain user. This is what I did when I took the app live.

      Let me know how it goes. Good luck with your project!

  2. Robert,

    First of all, thank you for taking the time to reply. I did manage to resolve the error. It turns out that the ADSDSObject provider needs to use the SSPI attribute to properly authenticate. This, I believe, is needed in domains like ours that require secure sign on for LDAP. After adjusting the provider code below in NTLMActiveDirectory_ad.php, the query worked!

    //Modified by Sul 6/14/2014
    $cn->provider = “ADsDSOObject;Integrated Security=SSPI”;

    I do think your instructions would have worked too.

    My environment is IIS 7.5 running on Windows Server 2008 R2 and FFL is 2008.

    Thanks again.

    -sul.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: