Differences

This shows you the differences between two versions of the page.

--- plugin:authldap [2016-01-19 10:39] – [Real World Examples] 106.37.209.14
+++ plugin:authldap [2023-08-24 17:03] (current) – [Usage] Mention that LDAP PHP module is required in setup instructions 65.128.43.215
@@ Line 6: / Line 6: @@
 email      : andi@splitbrain.org
 type       : Auth
-lastupdate : 2014-05-18
+lastupdate : 2015-07-13
 compatible : (bundled)
 depends    :
@@ Line 14: / Line 14: @@
 downloadurl:
-bugtracker : # eg. https://github.com/splitbrain/dokuwiki/issues
+bugtracker : # eg. https://github.com/dokuwiki/dokuwiki/issues
-sourcerepo : https://github.com/splitbrain/dokuwiki/tree/master/lib/plugins/authldap
+sourcerepo : https://github.com/dokuwiki/dokuwiki/tree/master/lib/plugins/authldap
 donationurl:
 ----
@@ Line 22: / Line 22: @@
 This module allows authentication against an LDAP directory using the ACL feature. It is included with the DokuWiki release.
+Users can log into the wiki using their username and password defined in a LDAP server, adding new users is not supported through the LDAP backend.
-Users can log into the wiki using their username and password defined in a LDAP server, adding new users is not supported through the LDAP backend.\\
-用户可以用他们在LDAP上已有的用户名密码进行登录，但不支持在后台新增用户。
 ===== Usage =====
-Before this plugin can be used, you need to setup some settings:
+Before this plugin can be used, you need to ensure the LDAP PHP module is installed, then setup some settings:
-在这个插件使用之前，你需要做一些设置：
+  - Activate the authLDAP plugin in the [[plugin:extension|Extension Manager]].
-  - Activate the authLDAP plugin in the [[plugin|Plugin Manager]].在扩展管理器里激活authLDAP插件
+  - Define the LDAP server in the [[config|Configuration Manager]]
-  - Define the LDAP server in the [[config|Configuration Manager]]定义你的LDAP服务器信息
+  - Define trees, filters and connection settings too.
-  - Define trees, filters and connection settings too. 定义LDAP的组织结构，筛选器和连接信息
   - Switch on this Auth plugin via the configuration option [[config:authtype]] by selecting ''authldap''.
-  - 在管理后台的配置设置里把验证方式选为"authldap"
 The version supplied on this page shows a basic setup, this needs to be modified to your own database setup. Different setups are provided.
-本页提供的版本展示了一个基本的设置，这需要定义为你自己的参数。
 Save the configuration settings to the ''conf/local.protected.php'' file to [[plugin:config#protecting_settings|protect the settings]] against changes via Config Manager.
-//这句求大神翻译，联系我。If you understand this means,please mail to sincerelu@qq.com. thankyou ~//
 Adding and changing users is not supported through this plugin. So the User Manager, self registration of users and password reset are disabled by this plugin.
-不支持通过这个插件新增和更改用户，所以用户管理器和自助注册功能将被禁用。
 ===== Configuration=====
 The backend will be enabled with the [[config:authtype]] configuration option by selecting ''authldap'' this is part of "Authentication settings" section.
-当你选择了认证方式为 authldap ，那配置会变得可用。
 In the "Plugin Settings" are settings for the authLDAP plugin. Here you define your LDAP server and connection settings.
-在插件设置里，可以定义你的LDAP服务器和连接信息
-There are more general [[:config#available_options|authentication related settings]] available too.
-还有很多相关的设置。
+There are more general [[:config#available_options|authentication related settings]] available too.
 ===== Real World Examples =====
-Below is a list of example configurations used by various users for various LDAP servers. These are examples! Be sure to adjust them to your specific server settings.\\
+Below is a list of example configurations used by various users for various LDAP servers. These are examples! Be sure to adjust them to your specific server settings.
-下面是一个配置实例，请根据你的实际情况进行调整。
   * [[plugin:authldap:openldap|OpenLDAP]]
@@ Line 89: / Line 80: @@
 $conf['plugin']['authldap']['userfilter']  = '(&(uid=%{user})(objectClass=posixAccount))';
 $conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))';
+$conf['plugin']['authldap']['attributes']  = array('cn', 'displayname', 'mail', 'givenname', 'objectclass', 'sn', 'uid', 'memberof');
 # This is optional but may be required for your server:
@@ Line 113: / Line 105: @@
 #### not available via Config Manager ####
 # Mapping can be used to specify where the internal data is coming from.
-#$conf['plugin']['authldap']['mapping']['name']  = 'displayname'; # Name of attribute Active Directory stores it's pretty print user name.
+#$conf['plugin']['authldap']['mapping']['name']  = 'displayname'; # Name of attribute the directory stores its pretty print user name.
-#$conf['plugin']['authldap']['mapping']['grps']  = array('memberof' => '/CN=(.+?),/i'); # Where groups are defined in Active Directory
+#$conf['plugin']['authldap']['mapping']['grps']  = array('memberof' => '/CN=(.+?),/i'); # Where groups are defined in directory
 </code>
@@ Line 142: / Line 134: @@
 | name      | ''%%'displayname'%%''                       | Replace the content of name with first element of 'displayname' attribute. |
+//attributes// is an array that defines what attributes needs to be fetched during a LDAP user search.
 Authentication is done in these steps:
@@ Line 156: / Line 150: @@
   * Mappings and field names are always lowercase regardless of the case used in the LDAP server!
   * Make sure you have the PHP LDAP extension installed.
+  * to check if the LDAP connection is working, the plugin trys to bind as an anonymous user. If anonymous authentication is disable on the LDAP server the plugin can not connect to server
   * If you get the "Protocol error" message, you might have not enabled following config statement: ''$conf['plugin']['authldap']['version'] = 3;''