DokuWiki

It's better when it's simple

User Tools

Site Tools


auth:ldap_ad

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
auth:ldap_ad [2009-01-23 20:27]
andi moved from auth:ldap
auth:ldap_ad [2018-02-23 19:04] (current)
Aleksandr old revision restored (2016-09-26 09:07)
Line 1: Line 1:
 ====== LDAP Auth Backend: Active Directory Examples ====== ====== LDAP Auth Backend: Active Directory Examples ======
 +
 +| Since the release 2013-05-10 “Weatherwax”\\ see AuthLDAP [[plugin:​AuthLDAP:​AD]] plugin page\\ \\ For releases 2012-10-13 “Adora Belle” and older\\ see info below  |
  
 Below are example configurations for use with the [[auth:​LDAP]] backend and the [[wp>​Active Directory]] server. Below are example configurations for use with the [[auth:​LDAP]] backend and the [[wp>​Active Directory]] server.
Line 28: Line 30:
 If you receive a binding error like "LDAP: bind with xxx failed [ldap.class.php:​90]",​ try using If you receive a binding error like "LDAP: bind with xxx failed [ldap.class.php:​90]",​ try using
  
-<​code>​+<​code ​php>
 $conf['​auth'​]['​ldap'​]['​binddn'​] ​          = '​domain\%{user}';​ $conf['​auth'​]['​ldap'​]['​binddn'​] ​          = '​domain\%{user}';​
 </​code>​ </​code>​
Line 34: Line 36:
 Replace domain with your domain name. Replace domain with your domain name.
  
-===== Different Setup ===== +If you need nested group.
 <code php> <code php>
-$conf['​authtype'​] ​                        = '​ldap';​ +$conf['​auth'​]['​ldap'​]['​groupfilter'​] ​          = '(&​(cn=*)(Member:1.2.840.113556.1.4.1941:=%{dn})(objectClass=group))';
-$conf['​auth'​]['​ldap'​]['​server'​] ​          = 'ldap://​servername.domain.tld:389';​ +
-$conf['​auth'​]['​ldap'​]['​binddn'​] ​          '%{user}@domain.tld';​ +
-$conf['​auth'​]['​ldap'​]['​usertree'​] ​        = '​ou=Users,​dc=domain,​dc=tld';​ +
-$conf['​auth'​]['​ldap'​]['​userfilter'​] ​      = '​(SAMAccountName=%{user})'; +
-$conf['​auth'​]['​ldap'​]['​mapping'​]['​name'​] ​ = '​displayname';​ +
-$conf['​auth'​]['​ldap'​]['​mapping'​]['​grps'​] ​ = array('​memberof' ​=> '/​CN=(.+?​),/i')+
-$conf['auth'​]['​ldap'​]['​referrals'​] ​       = 0; # Switch referrals off for use with Active Directory +
-$conf['​auth'​]['​ldap'​]['​version'​] ​         = 3;+
 </​code>​ </​code>​
  
Line 63: Line 56:
 $conf['​auth'​]['​ldap'​]['​mapping'​]['​grps'​] = '​array(\'​memberof\'​ => \'/​CN=(.+?​),/​i\'​)';​ $conf['​auth'​]['​ldap'​]['​mapping'​]['​grps'​] = '​array(\'​memberof\'​ => \'/​CN=(.+?​),/​i\'​)';​
 $conf['​auth'​]['​ldap'​]['​referrals'​] ​      = '​0';​ $conf['​auth'​]['​ldap'​]['​referrals'​] ​      = '​0';​
-$conf['​auth'​]['​ldap'​]['​version'​] ​        = '​3';​ 
 </​code>​ </​code>​
- 
- 
auth/ldap_ad.1232738873.txt.gz · Last modified: 2012-02-02 14:06 (external edit)