Reformatted for 80 character width, and clarified the username/nickname attribute difference

Craig Andrews 2009-11-17 13:00:45 -05:00
parent 3d6a55a49f
commit 4ff2d37b10


@ -1,31 +1,48 @@
The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP. The LDAP Authentication plugin allows for StatusNet to handle authentication
through LDAP.
Installation Installation
============ ============
add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php add "addPlugin('ldapAuthentication',
array('setting'=>'value', 'setting2'=>'value2', ...);"
to the bottom of your config.php
Settings Settings
======== ========
provider_name*: a unique name for this authentication provider. provider_name*: a unique name for this authentication provider.
authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). authoritative (false): Set to true if LDAP's responses are authoritative
autoregistration (false): Set to true if users should be automatically created when they attempt to login. (if authorative and LDAP fails, no other password checking will be done).
email_changeable (true): Are users allowed to change their email address? (true or false) autoregistration (false): Set to true if users should be automatically created
password_changeable (true): Are users allowed to change their passwords? (true or false) when they attempt to login.
email_changeable (true): Are users allowed to change their email address?
(true or false)
password_changeable (true): Are users allowed to change their passwords?
(true or false)
host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php host*: LDAP server name to connect to. You can provide several hosts in an
port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php array in which case the hosts are tried from left to right.
version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php port: Port on the server.
binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php version: LDAP version.
basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
starttls: TLS is started after connecting.
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
binddn: The distinguished name to bind as (username).
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
bindpw: Password for the binddn.
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
basedn*: LDAP base name (root directory).
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php filter: Default search filter.
scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
scope: Default search scope.
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name attributes: an array that relates StatusNet user attributes to LDAP ones
username* username*: LDAP attribute value entered when authenticating to StatusNet
nickname* nickname*: LDAP attribute value shown as the user's nickname
email email
fullname fullname
homepage homepage
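Review bot: the rewrapped "starttls" entry still gives no default and no guidance, even though the legend says defaults are shown in parentheses. Since this plugin sends bindpw and users' login passwords over the LDAP connection, please state the default, e.g. "starttls (false): ...", and say when it should be enabled. The same applies to port and version, which also show no default. Two smaller points in this hunk: the new authoritative text misspells the word as "authorative", and the Installation snippet "addPlugin('ldapAuthentication', array(...);" is missing one closing parenthesis, so copying it into config.php as written gives a PHP parse error.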
@ -34,9 +51,13 @@ attributes: an array with the key being the StatusNet user attribute name, and t
* required * required
default values are in (parenthesis) default values are in (parenthesis)
For most LDAP installations, the "nickname" and "username" attributes should
be the same.
Example Example
======= =======
Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. Here's an example of an LDAP plugin configuration that connects to
Microsoft Active Directory.
addPlugin('ldapAuthentication', array( addPlugin('ldapAuthentication', array(
'provider_name'=>'Example', 'provider_name'=>'Example',
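Review bot: the added sentence "For most LDAP installations, the "nickname" and "username" attributes should be the same." sits after the "* required" legend, away from the attributes list where username and nickname are defined, and it does not say when they would differ. Consider moving it directly under the nickname* entry and adding one short case where a separate mapping is appropriate, so an admin can tell whether their directory is one of the exceptions. While touching this area, "default values are in (parenthesis)" should read "parentheses".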
@ -47,7 +68,9 @@ addPlugin('ldapAuthentication', array(
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc', 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
'host'=>array('server1', 'server2'), 'host'=>array('server1', 'server2'),
'attributes'=>array( 'attributes'=>array(
'username'=>'sAMAccountName',
'nickname'=>'sAMAccountName', 'nickname'=>'sAMAccountName',
'email'=>'mail', 'email'=>'mail',
'fullname'=>'displayName') 'fullname'=>'displayName')
)); ));
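Review bot: the added 'username'=>'sAMAccountName' line in the example is a content fix, not a reformat, and the commit subject only mentions rewrapping and clarifying the username/nickname difference. The settings list marks username* as required, so the previous example was missing a required attribute; please say so in the commit message so anyone who copied the old example knows to add the key. Mapping both username and nickname to sAMAccountName is consistent with the guidance added in the previous hunk.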