LDAP Authentication

From SME Server
Revision as of 12:51, 4 March 2009 by RayMitchell (talk | contribs) (Not production ready - changed to Howto)
Jump to navigationJump to search

LDAP for SME Server

PythonIcon.png Skill level: Advanced
The instructions on this page may require deviations from standard procedures. A good understanding of linux and Koozali SME Server is recommended.


Maintainer

http://www.firewall-services.com

Description

This contribution for smeserver adds LDAP


Warning.png Warning:
This is development code, not suitable for production servers, testing and feedback is needed


This allows the use of SME user's database in other applications

either local, eg. a LAMP app
on the server itself, eg. egroupware
on the local network, eg. another server in the local network which runs an ERP, but uses SME server user/group database
or even a remote host, eg. a GLPI instance used to manage requests from several clients using SME server.

Some applications have the possibility to use imap/pop authentication (egroupware, GLPI, maybe others), but some don't offer this possibility, but can use only LDAP. imap/pop isn't as powerful as LDAP as we can only check user/password, whereas with LDAP, we can check other attributes, groups of the user etc.

Requirements

You need a test server, or a spirit of adventure.

Send feedback to Bugzilla, or create a new bug for new issues.

Installation

This contrib is currently held in the smetest repository, so the following commands will install on your smeserver.

yum install e-smith-base+ldap e-smith-samba+ldap --enablerepo=smetest --enablerepo=smeupdates-testing

This will replace standard e-smith-base and e-smith-samba packages

signal-event post-upgrade;  signal-event reboot

Uninstall

It might be possible but don't use a server where you have an expectation of being able to.

Usage

Test with your email addressbook SME_Server:Documentation:User_Manual:Chapter2

View your LDAP Schema, ObjectClasses and Attributes with Phpldapadmin , This contrib works on sme8

Example setups for different types of clients

SugarCRM

Enabled LDAP server
Server: IP of the SME server
Port Number: 389
Base DN: dc=sampledomain,dc=com
Bind Attribute: dn
Login Attribute: uid
Authenticated User: uid=root,ou=Users,dc=sampledomain,dc=com
Authenticated Password: root's password (really ?)
Enabled Auto Create Users

Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-? component or use this link .