Difference between revisions of "LDAP Authentication"
m (Group membership has been added) |
m (Update base DN) |
||
| Line 45: | Line 45: | ||
: Server: IP of the SME server | : Server: IP of the SME server | ||
: Port Number: 389 | : Port Number: 389 | ||
| − | : Base DN: dc=sampledomain,dc=com | + | : Base DN: ou=Users,dc=sampledomain,dc=com |
: Bind Attribute: dn | : Bind Attribute: dn | ||
: Login Attribute: uid | : Login Attribute: uid | ||
Revision as of 19:28, 31 January 2010
LDAP for SME Server
Description
Adding LDAP authentication to sme was easy. We just needed to add the attribute userPassword to the users entries in the ldap server and keep them in sync with the passwords stored in /etc/shadow.
For SME 8 only, and for simplicity LDAP remains readonly
This allows the use of SME user's database in other applications
- either local, eg. a LAMP app
- on the server itself, eg. egroupware
- on the local network, eg. another server in the local network which runs an ERP, but uses SME server user/group database
- or even a remote host, eg. a GLPI instance used to manage requests from several clients using SME server.
Some applications have the possibility to use imap/pop authentication (egroupware, GLPI, maybe others), but some don't offer this possibility, but can use only LDAP. imap/pop isn't as powerful as LDAP as we can only check user/password, whereas with LDAP, we can check other attributes, groups of the user etc.
Installation
SME 8 only, e-smith-ldap-5.2.0-5.el5.sme from smetest or smeupdates-testing
This rpm is currently held in the smetest repository, the following commands will install on your smeserver.
yum install e-smith-ldap --enablerepo=smetest --enablerepo=smeupdates-testing --exclude=*+ldap
no other package is needed, if it says it does it's an issue with the repos's, download manually and 'yum localinstall'
signal-event post-upgrade; signal-event reboot
Uninstall
Not needed the new method is benign,
Usage
Test with your email addressbook SME_Server:Documentation:User_Manual:Chapter2
View your LDAP Schema, ObjectClasses and Attributes with Phpldapadmin , This contrib works on sme8
Example setups for different types of clients
SugarCRM
- Enabled LDAP server
- Server: IP of the SME server
- Port Number: 389
- Base DN: ou=Users,dc=sampledomain,dc=com
- Bind Attribute: dn
- Login Attribute: uid
- Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com
- Authenticated Password: ldaps admin's password
- Enabled Auto Create Users
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-? component or use this link .
