Wiki

User Tools

  • Logged in as: anonymous (anonymous)
  • Log Out

Site Tools

Trace:
mantisbt:active_directory

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
mantisbt:active_directory [2009/05/29 03:51] cbassetmantisbt:active_directory [2013/02/22 04:56] (current) sge
Line 12: Line 12:
   - If an entry was found, bind to Active Directory using dn entry found and the password provided by user. If several entries are found, each of them is tried until one successes.   - If an entry was found, bind to Active Directory using dn entry found and the password provided by user. If several entries are found, each of them is tried until one successes.
   - If the connection is a success, and if the option is activated, the user mail address is retrieved from Active Directory.   - If the connection is a success, and if the option is activated, the user mail address is retrieved from Active Directory.
 +
 ===== General LDAP configuration ===== ===== General LDAP configuration =====
 The following parameters must be set in the config_inc.php file: The following parameters must be set in the config_inc.php file:
   * $g_login_method = LDAP;   * $g_login_method = LDAP;
-  * $g_ldap_server = 'ldap://yourservername'; # or $g_ldap_server = 'ldaps://yourservername'; +  * $g_ldap_server = 'ldap://yourservername:389'; # or $g_ldap_server = 'ldaps://yourservername:636'; 
-  * $g_ldap_port = 389; # Default is 389+  * Do not use $g_ldap_port since it is depricated
   * $g_ldap_root_dn = "OU=your_organization_RDN,DC=your_organization_RDN,DC=your_organization_RDN"; # The root DN where to search users e.g. 'ou=people,dc=example,dc=com'   * $g_ldap_root_dn = "OU=your_organization_RDN,DC=your_organization_RDN,DC=your_organization_RDN"; # The root DN where to search users e.g. 'ou=people,dc=example,dc=com'
   * $g_ldap_bind_dn = 'full_DN_entry_for_generic_user';  # A system account to login to LDAP e.g. 'cn=Robert Smith,ou=people,dc=example,dc=com'   * $g_ldap_bind_dn = 'full_DN_entry_for_generic_user';  # A system account to login to LDAP e.g. 'cn=Robert Smith,ou=people,dc=example,dc=com'
Line 24: Line 25:
 If you want to use user e-mail address defined in Active Directory instead of the one defined when creating mantis account you must add the following parameter: If you want to use user e-mail address defined in Active Directory instead of the one defined when creating mantis account you must add the following parameter:
   * $g_use_ldap_email = ON;   * $g_use_ldap_email = ON;
 +
 ===== Specific Active Directory configuration ===== ===== Specific Active Directory configuration =====
 You must add the following parameters in the config_inc.php file: You must add the following parameters in the config_inc.php file:
Line 29: Line 31:
   * $g_ldap_uid_field= 'sAMAccountName'; # Use 'sAMAccountName' for Active Directory - this is the name of the attribute used to search a user   * $g_ldap_uid_field= 'sAMAccountName'; # Use 'sAMAccountName' for Active Directory - this is the name of the attribute used to search a user
  
-Additionally, make sure not to use the root of your domain for $g_ldap_root_dn parameter. If you bind to the root of your domain, i.e. just dc=company,dc=com, then Active Directory, in addition to the search results you expected, will also return referrals to the other directory partitions which would confuse actual implementation and cause an error.+Additionally, make sure not to use the root of your domain for $g_ldap_root_dn parameter. If you bind to the root of your domain, i.e. just dc=company,dc=com, then Active Directory, in addition to the search results you expected, will also return referrals to the other directory partitions which would confuse current implementation and cause an error.
  
mantisbt/active_directory.1243583500.txt.gz · Last modified: 2009/05/29 03:52 (external edit)
CC Attribution-Noncommercial-Share Alike 4.0 International Driven by DokuWiki