DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:authldap:ipa

LDAP Auth Plugin: freeIPA / Enterprise IPA RHEL Examples

Below are example configurations for use with the authLDAP plugin and the freeIPA server. The freeIPA server is also the basis for Red Hat Enterprise Linux Enterprise IPA and the examples should work on both systems.

Tip: Create a group named “wiki-admins” on the IPA server to and assign it to users. They will then be given superuser access to DokuWiki. That way you do not have to add a user to the global “admin” group on the IPA server.

PS: I have not gotten DokuWiki to work with TLS enabled.

Use the Config Manager or (create and) add it to the conf/local.protected.php to store the config protected.

freeIPA / Enterprise IPA on Red Hat Enterprise Linux

conf/local.protected.php
<?php
$conf['authtype'] = 'authldap';
$conf['superuser'] = '@wiki-admins';
$conf['plugin']['authldap']['server'] = 'ldaps://ipa.example.com';
$conf['plugin']['authldap']['port'] = 636;
$conf['plugin']['authldap']['usertree'] = 'cn=users,cn=accounts,dc=example,dc=com';
$conf['plugin']['authldap']['grouptree'] = 'cn=groups,cn=accounts,dc=example,dc=com';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
$conf['plugin']['authldap']['groupfilter'] = '(&(member=%{dn})(objectClass=posixGroup))';
$conf['plugin']['authldap']['version'] = '3';

If the settings don't work and you want to go back to local authentication, simply comment out the first line, like this:

//$conf['authtype'] = 'authldap';
plugin/authldap/ipa.txt · Last modified: 2015-09-27 10:07 by 2001:4dd0:ff00:9581:dcb4:9320:8a84:4a7f

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki