The issue seems that my LDAP server will not bind against the uid, it needs a full DN e.g givenName=John,sn=Doe,ou=Users,dc=something,dc=com and of course "TimeTrex doesn't support encrypted passwords" so I added one line of code that takes care of that.
In: classes/modules/core/TTLDAP.class.php
After: $password = trim($password);
Insert: $password = "{sha}" . base64_encode( pack( "H*", sha1( $password ) ) );
LDAP working with minor hack
Re: LDAP working with minor hack
What LDAP setup are you using? Its interesting that your passwords aren't encrypted with some kind of salt. Seems to almost defeat the purpose of encryption.
Thats the primary reason why TimeTrex doesn't support encrypted passwords, because most of them should be salted and there is virtually no way for TimeTrex to know what the salt value is, so it has to be up to the LDAP server to do the authentication itself.
Unless you want to modify this code to attempt to detect sha1 encrypted passwords on its own and submit it to us for including into the mainline TimeTrex branch, I would recommend writing a plugin to handle it for you instead, that way it won't break everytime you upgrade to the next version of TimeTrex.
Thats the primary reason why TimeTrex doesn't support encrypted passwords, because most of them should be salted and there is virtually no way for TimeTrex to know what the salt value is, so it has to be up to the LDAP server to do the authentication itself.
Unless you want to modify this code to attempt to detect sha1 encrypted passwords on its own and submit it to us for including into the mainline TimeTrex branch, I would recommend writing a plugin to handle it for you instead, that way it won't break everytime you upgrade to the next version of TimeTrex.