Difference between revisions of "LDAP Authentication"

From SME Server
Jump to navigationJump to search
m (→‎Installation: --enablerepo=smeupdates-testing)
Line 36: Line 36:
  
 
=== Usage ===
 
=== Usage ===
{{Incomplete}}
 
 
ToDo, Add example setups for different types of clients, or links to other wiki pages with LDAP sections
 
  
 
Test with your email addressbook
 
Test with your email addressbook
http://wiki.contribs.org/SME_Server:Documentation:User_Manual:Chapter2
+
[[:SME_Server:Documentation:User_Manual:Chapter2]]
  
View your LDAP Schema, ObjectClasses and Attributes with http://wiki.contribs.org/Phpldapadmin  
+
View your LDAP Schema, ObjectClasses and Attributes with [[:Phpldapadmin ]]
 
, This contrib works on sme8
 
, This contrib works on sme8
  
 +
Example setups for different types of clients
 +
 +
==== SugarCRM ====
  
 +
: Enabled LDAP server
 +
: Server: IP of the SME server
 +
: Port Number: 389
 +
: Base DN: dc=sampledomain,dc=com
 +
: Bind Attribute: dn
 +
: Login Attribute: uid
 +
: Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com
 +
: Authenticated Password: root's password  (really ?)
 +
: Enabled Auto Create Users
  
 
=== Bugs ===
 
=== Bugs ===

Revision as of 21:48, 4 February 2009

LDAP for SME Server

PythonIcon.png Skill level: Advanced
The instructions on this page may require deviations from standard procedures. A good understanding of linux and Koozali SME Server is recommended.


Maintainer

http://www.firewall-services.com

Description

This contribution for smeserver adds LDAP


Warning.png Warning:
This is development code, not suitable for production servers, testing and feedback is needed


This allows the use of SME user's database in other applications

either local, eg. a LAMP app
on the server itself, eg. egroupware
on the local network, eg. another server in the local network which runs an ERP, but uses SME server user/group database
or even a remote host, eg. a GLPI instance used to manage requests from several clients using SME server.

Some applications have the possibility to use imap/pop authentication (egroupware, GLPI, maybe others), but some don't offer this possibility, but can use only LDAP. imap/pop isn't as powerful as LDAP as we can only check user/password, whereas with LDAP, we can check other attributes, groups of the user etc.

Requirements

You need a test server, or a spirit of adventure.

Send feedback to Bugzilla, or create a new bug for new issues.

Installation

This contrib is currently held in the smetest repository, so the following commands will install on your smeserver.

yum install e-smith-base+ldap e-smith-samba+ldap --enablerepo=smetest --enablerepo=smeupdates-testing

This will replace standard e-smith-base and e-smith-samba packages

signal-event post-upgrade;  signal-event reboot

Uninstall

It might be possible but don't use a server where you have an expectation of being able to.

Usage

Test with your email addressbook SME_Server:Documentation:User_Manual:Chapter2

View your LDAP Schema, ObjectClasses and Attributes with Phpldapadmin , This contrib works on sme8

Example setups for different types of clients

SugarCRM

Enabled LDAP server
Server: IP of the SME server
Port Number: 389
Base DN: dc=sampledomain,dc=com
Bind Attribute: dn
Login Attribute: uid
Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com
Authenticated Password: root's password (really ?)
Enabled Auto Create Users

Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-? component or use this link .