3,704
edits
Changes
Jump to navigation
Jump to search
mLine 1:
Line 1: − == LDAP for SME Server ==+ − − === Maintainer ===+ − http://www.firewall-services.com − === Description ===+ − This contribution for smeserver adds LDAP+ − + − This allows the use of SME user's database in other applications + − : either local, eg. a LAMP app + − : on the server itself, eg. egroupware + − : on the local network, eg. another server in the local network which runs an ERP, but uses SME server user/group database − : or even a remote host, eg. a GLPI instance used to manage requests from several clients using SME server. − − Some applications have the possibility to use imap/pop authentication (egroupware, GLPI, maybe others), but some don't offer this possibility, but can use only LDAP. imap/pop isn't as powerful as LDAP as we can only check user/password, whereas with LDAP, we can check other attributes, groups of the user etc. − − === Requirements === − You need a test server, or a spirit of adventure. − − Send feedback to [http://bugs.contribs.org/show_bug.cgi?id=4590 Bugzilla,] or create a new bug for new issues. − − === Installation === − This contrib is currently held in the smetest repository, so the following commands will install on your smeserver. − − yum install e-smith-base+ldap e-smith-samba+ldap --enablerepo=smetest --enablerepo=smeupdates-testing − − This will replace standard e-smith-base and e-smith-samba packages − − signal-event post-upgrade; signal-event reboot − − === Uninstall === − It might be possible but don't use a server where you have an expectation of being able to. − − === Usage === − − Test with your email addressbook − − − View your LDAP Schema, ObjectClasses and Attributes with [[:Phpldapadmin ]] − , This contrib works on sme8 − − Example setups for different types of clients − − ==== SugarCRM ==== − − : Enabled LDAP server − : Server: IP of the SME server − : Port Number: 389 − : Base DN: dc=sampledomain,dc=com − : Bind Attribute: dn − : Login Attribute: uid − : Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com − : Authenticated Password: root's password (really ?) − : Enabled Auto Create Users − − === Bugs === − Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla] − and select the smeserver-? component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-?|title=this link}}. − − <noinclude>[[Category: Howto]]</noinclude>
no edit summary
{{Warning box|If you enable ldap auth, it'll remove all your groups, users, ibay accounts from the unix databases so everything is only in LDAP.
{{Level|Advanced}}
If you attempt to then disable LDAP Authentication this will break everything as you won't have any functioning accounts afterwards, and you will disable LDAP master auth functionality.}}
LDAP authentication can be enabled (Experimental). Warning - Once enabled it cannot be disabled, so experiment with care. To enable:
db configuration setprop ldap Authentication enabled
{{Warning box|This is development code, not suitable for production servers, testing and feedback is needed}}
{{Warning box|Do not attempt to disable LDAP Authentication once enabled as it will cause your server to become unuseable.}}
{{Note box|For LDAP authentication for applications see [[LDAP_Authentication_for_applications|LDAP Authentication for applications]]}}
----
[[Category:Howto]]
[[:SME_Server:Documentation:User_Manual:Chapter2]]