Reformatted for 80 character width, and clarified the username/nickname attribute difference
This commit is contained in:
parent
3d6a55a49f
commit
4ff2d37b10
@ -1,31 +1,48 @@
|
|||||||
The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP.
|
The LDAP Authentication plugin allows for StatusNet to handle authentication
|
||||||
|
through LDAP.
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
============
|
============
|
||||||
add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php
|
add "addPlugin('ldapAuthentication',
|
||||||
|
array('setting'=>'value', 'setting2'=>'value2', ...);"
|
||||||
|
to the bottom of your config.php
|
||||||
|
|
||||||
Settings
|
Settings
|
||||||
========
|
========
|
||||||
provider_name*: a unique name for this authentication provider.
|
provider_name*: a unique name for this authentication provider.
|
||||||
authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database).
|
authoritative (false): Set to true if LDAP's responses are authoritative
|
||||||
autoregistration (false): Set to true if users should be automatically created when they attempt to login.
|
(if authorative and LDAP fails, no other password checking will be done).
|
||||||
email_changeable (true): Are users allowed to change their email address? (true or false)
|
autoregistration (false): Set to true if users should be automatically created
|
||||||
password_changeable (true): Are users allowed to change their passwords? (true or false)
|
when they attempt to login.
|
||||||
|
email_changeable (true): Are users allowed to change their email address?
|
||||||
|
(true or false)
|
||||||
|
password_changeable (true): Are users allowed to change their passwords?
|
||||||
|
(true or false)
|
||||||
|
|
||||||
host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
host*: LDAP server name to connect to. You can provide several hosts in an
|
||||||
port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
array in which case the hosts are tried from left to right.
|
||||||
version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
port: Port on the server.
|
||||||
binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
version: LDAP version.
|
||||||
basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
starttls: TLS is started after connecting.
|
||||||
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
binddn: The distinguished name to bind as (username).
|
||||||
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
bindpw: Password for the binddn.
|
||||||
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
basedn*: LDAP base name (root directory).
|
||||||
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
filter: Default search filter.
|
||||||
scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
scope: Default search scope.
|
||||||
|
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||||
|
|
||||||
attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name
|
attributes: an array that relates StatusNet user attributes to LDAP ones
|
||||||
username*
|
username*: LDAP attribute value entered when authenticating to StatusNet
|
||||||
nickname*
|
nickname*: LDAP attribute value shown as the user's nickname
|
||||||
email
|
email
|
||||||
fullname
|
fullname
|
||||||
homepage
|
homepage
|
||||||
@ -34,9 +51,13 @@ attributes: an array with the key being the StatusNet user attribute name, and t
|
|||||||
* required
|
* required
|
||||||
default values are in (parenthesis)
|
default values are in (parenthesis)
|
||||||
|
|
||||||
|
For most LDAP installations, the "nickname" and "username" attributes should
|
||||||
|
be the same.
|
||||||
|
|
||||||
Example
|
Example
|
||||||
=======
|
=======
|
||||||
Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory.
|
Here's an example of an LDAP plugin configuration that connects to
|
||||||
|
Microsoft Active Directory.
|
||||||
|
|
||||||
addPlugin('ldapAuthentication', array(
|
addPlugin('ldapAuthentication', array(
|
||||||
'provider_name'=>'Example',
|
'provider_name'=>'Example',
|
||||||
@ -47,7 +68,9 @@ addPlugin('ldapAuthentication', array(
|
|||||||
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
|
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
|
||||||
'host'=>array('server1', 'server2'),
|
'host'=>array('server1', 'server2'),
|
||||||
'attributes'=>array(
|
'attributes'=>array(
|
||||||
|
'username'=>'sAMAccountName',
|
||||||
'nickname'=>'sAMAccountName',
|
'nickname'=>'sAMAccountName',
|
||||||
'email'=>'mail',
|
'email'=>'mail',
|
||||||
'fullname'=>'displayName')
|
'fullname'=>'displayName')
|
||||||
));
|
));
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user