AD & LDAP

General discussion of Mantis.

Moderators: Developer, Contributor

Post Reply
ZiZou1991
Posts: 23
Joined: 21 Jul 2014, 12:12

AD & LDAP

Post by ZiZou1991 »

Hello

I try to use LDAP authentification instead of a classic Data Base
How shall i do that? (software to install, configuration steps...)
PS I have windows 8.1 pro

thanks
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: AD & LDAP

Post by atrol »

Please use Search before posting and read the Manual
ZiZou1991
Posts: 23
Joined: 21 Jul 2014, 12:12

Re: AD & LDAP

Post by ZiZou1991 »

Hello,
I want to move from DataBase authentification to LDAP
I create an Active Directory in my Windows server 2012 running with VirtualBox and I create also a domain : mantis.local
I set up a virtualbox host only ethernet adapter and i join my host machine to this domain
I create an organisation unit and a user
please how to configure ldap (how to fill the parameters)
/**************************
* MantisBT LDAP Settings *
**************************/

/**
* Specifies the LDAP or Active Directory server to connect to, and must be
* provided as an URI
* - Protocol is optional, can be one of ldap or ldaps, defaults to ldap
* - Port number is optional, and defaults to 389. If this doesn't work, try
* using one of the following standard port numbers: 636 (ldaps); for Active
* Directory Global Catalog forest-wide search, use 3268 (ldap) or 3269 (ldaps)
*
* Examples of valid URI:
*
* ldap.example.com
* ldap.example.com:3268
* ldap://ldap.example.com/
* ldaps://ldap.example.com:3269/
*
* @global string $g_ldap_server
*/
$g_ldap_server = 'ldap://ldap.mantis.local/';

/**
*
* @global string $g_ldap_root_dn
*/
$g_ldap_root_dn = 'ou=mantis,dc=mantis,dc=local';

/**
* e.g. '(organizationname=*Traffic)'
* @global string $g_ldap_organization
*/
$g_ldap_organization = '';

/**
* Use 'sAMAccountName' for Active Directory
* @global string $g_ldap_uid_field
*/
$g_ldap_uid_field = 'sAMAccountName';

/**
* The LDAP field for real name (i.e. common name).
* @global string $g_ldap_realname_field
*/
$g_ldap_realname_field = 'cn';

/**
* The distinguished of the user account to use for binding to the LDAP server.
* For example, 'CN=ldap,OU=Administrators,DC=example,DC=com'.
*
* @global string $g_ldap_bind_dn
*/
$g_ldap_bind_dn = 'CN=Administrator,DC=mantis,DC=local';

/**
* The password for the service account to be used for connecting to the LDAP server.
*
* @global string $g_ldap_bind_passwd
*/
$g_ldap_bind_passwd = 'etmjf0347md.:;()';

/**
* Should we send to the LDAP email address or what MySql tells us
* @global int $g_use_ldap_email
*/
$g_use_ldap_email = OFF;

/**
* Whether or not to pull the real name from LDAP.
* ON from LDAP, OFF from database.
* @global int $g_use_ldap_realname
*/
$g_use_ldap_realname = OFF;

/**
* The LDAP Protocol Version, if 0, then the protocol version is not set. For Active Directory use version 3.
*
* @global int $g_ldap_protocol_version
*/
$g_ldap_protocol_version = 0;

/**
* Determines whether the LDAP library automatically follows referrals returned by LDAP servers or not.
* This maps to LDAP_OPT_REFERRALS ldap library option. For Active Directory, this should be set to OFF.
*
* @global int $g_ldap_follow_referrals
*/
$g_ldap_follow_referrals = ON;

/**
* For development purposes, this is a configuration option that allows replacing
* the ldap communication with a comma separated text file. The text file has a line per user.
* Each line includes: user name, user real name, email, password. For production
* systems this option should be set to ''.
*/
$g_ldap_simulation_file_path = '';
Post Reply