|
|
(26 intermediate revisions by 9 users not shown) |
Line 1: |
Line 1: |
− | == LDAP for SME Server ==
| + | {{Warning box|If you enable ldap auth, it'll remove all your groups, users, ibay accounts from the unix databases so everything is only in LDAP. |
− | {{Level|Advanced}} | |
| | | |
− | === Maintainer ===
| + | If you attempt to then disable LDAP Authentication this will break everything as you won't have any functioning accounts afterwards, and you will disable LDAP master auth functionality.}} |
− | http://www.firewall-services.com
| |
| | | |
− | === Description ===
| + | LDAP authentication can be enabled (Experimental). Warning - Once enabled it cannot be disabled, so experiment with care. To enable: |
− | This contribution for smeserver adds LDAP
| + | db configuration setprop ldap Authentication enabled |
| | | |
− | {{Warning box|This is development code, not suitable for production servers, testing and feedback is needed}} | + | {{Warning box|Do not attempt to disable LDAP Authentication once enabled as it will cause your server to become unuseable.}} |
| | | |
− | This allows the use of SME user's database in other applications
| + | {{Note box|For LDAP authentication for applications see [[LDAP_Authentication_for_applications|LDAP Authentication for applications]]}} |
− | : either local, eg. a LAMP app
| + | ---- |
− | : on the server itself, eg. egroupware
| + | [[Category:Howto]] |
− | : on the local network, eg. another server in the local network which runs an ERP, but uses SME server user/group database
| |
− | : or even a remote host, eg. a GLPI instance used to manage requests from several clients using SME server.
| |
− | | |
− | Some applications have the possibility to use imap/pop authentication (egroupware, GLPI, maybe others), but some don't offer this possibility, but can use only LDAP. imap/pop isn't as powerful as LDAP as we can only check user/password, whereas with LDAP, we can check other attributes, groups of the user etc.
| |
− | | |
− | === Requirements ===
| |
− | You need a test server, or a spirit of adventure.
| |
− | | |
− | Send feedback to [http://bugs.contribs.org/show_bug.cgi?id=4590 Bugzilla,] or create a new bug for new issues.
| |
− | | |
− | === Installation ===
| |
− | This contrib is currently held in the smetest repository, so the following commands will install on your smeserver.
| |
− | | |
− | yum install e-smith-base+ldap e-smith-samba+ldap --enablerepo=smetest --enablerepo=smeupdates-testing
| |
− | | |
− | This will replace standard e-smith-base and e-smith-samba packages
| |
− | | |
− | signal-event post-upgrade; signal-event reboot
| |
− | | |
− | === Uninstall ===
| |
− | It might be possible but don't use a server where you have an expectation of being able to.
| |
− | | |
− | === Usage ===
| |
− | | |
− | Test with your email addressbook
| |
− | [[:SME_Server:Documentation:User_Manual:Chapter2]] | |
− | | |
− | View your LDAP Schema, ObjectClasses and Attributes with [[:Phpldapadmin ]]
| |
− | , This contrib works on sme8
| |
− | | |
− | Example setups for different types of clients
| |
− | | |
− | ==== SugarCRM ====
| |
− | | |
− | : Enabled LDAP server
| |
− | : Server: IP of the SME server
| |
− | : Port Number: 389
| |
− | : Base DN: dc=sampledomain,dc=com
| |
− | : Bind Attribute: dn
| |
− | : Login Attribute: uid
| |
− | : Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com
| |
− | : Authenticated Password: ldaps admin's password
| |
− | : Enabled Auto Create Users
| |
− | | |
− | === Bugs ===
| |
− | Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]
| |
− | and select the smeserver-? component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-?|title=this link}}.
| |
− | | |
− | <noinclude>[[Category: Contrib]]</noinclude>
| |