LDAP - How to

Next topic

Author	Message
luis muñoz	Monday 11 July 2005 7:25:04 am Hi, i,m trying to setup ez to work with an ldap server but it seems to be not too easy. I have a few questions. Is there any up to date tutorial or documentation on how to set up ez to work with ldap? I mean step by step, for people wich never used an LDAP server before. Do i have to create any thing in the LDAP server? I mean classes, specific structure... When a new user is created in ez, is it replicated in LDAP autoomatically, duplicated with a cron, or not duplicated? How can i check if ez is comunicating with LDAP or i misconfigured ez or LDAP? Looks like no error/access log is created in ez, openldap or system log Thank you for your help Luis
luis muñoz	Wednesday 13 July 2005 6:15:29 am In ldap.ini, what is the correct value for the lines: LDAPSearchScope=sub # Use the equla sign to replace "=" when specify LDAPBaseDn or LDAPSearchFilters LDAPEqualSign=-- # Add extra search requirment. Uncomment it if you don't need it. # Example LDAPSearchFilters[]=objectClass--inetOrgPerson LDAPSearchFilters[] # LDAP attribute for login. Normally, uid LDAPLoginAttribute=uid # Could be id or name LDAPUserGroupType=id # Default place to store LDAP users. Could be content object id or group name for LDAP user group, # depends on LDAPUserGroupType. LDAPUserGroup[] # LDAP attribute type for user group. Could be name or id LDAPUserGroupAttributeType=name # LDAP attribute for user group. For example, employeetype. If specified, LDAP users # will be saved under the same group as in LDAP server. LDAPUserGroupAttribute=employeetype # LDAP attribute for First name. Normally, givenname LDAPFirstNameAttribute=givenname # LDAP attribute for Last name. Normally, sn LDAPLastNameAttribute=sn # LDAP attribute for email. Normally, mail LDAPEmailAttribute=mail # LDAP encoding is utf-8 or not Utf8Encoding=false I cannot find documentation on this and need to make it work.
kracker (the)	Wednesday 13 July 2005 2:58:37 pm I can't seem to find the post now but I know there have been a few really good contributions to the forums regarding this subject. Specifically I remember a post that was basically a step by step explanation on how another developer accomplished this ... So, I'd say use google to read every LDAP mention on ez.no, it might take a while but I know you'll learn a lot if you do the reading. http://www.google.com/search?num=50&hl=en&lr=&safe=off&c2coff=1&q=site%3Aez.no+LDAP+HowTo&btnG=Search Also this forum post wasn't the one I was looking for but was detailed... http://ez.no/community/user_groups/ezug_edu/forum_of_ezug_edu/creating_av_secure_ldap_enabled_ez_site http://home2.hit.no/~jonnybe/eZ/docs/creating_secure_authentication.pdf Member since: 2001.07.13 \|\| http://ezpedia.se7enx.com/

Author

Message

Monday 11 July 2005 7:25:04 am

Hi,
i,m trying to setup ez to work with an ldap server but it seems to be not too easy. I have a few questions.

Is there any up to date tutorial or documentation on how to set up ez to work with ldap? I mean step by step, for people wich never used an LDAP server before.

Do i have to create any thing in the LDAP server? I mean classes, specific structure...

When a new user is created in ez, is it replicated in LDAP autoomatically, duplicated with a cron, or not duplicated?

How can i check if ez is comunicating with LDAP or i misconfigured ez or LDAP? Looks like no error/access log is created in ez, openldap or system log

Thank you for your help

Luis

luis muñoz

Wednesday 13 July 2005 6:15:29 am

In ldap.ini, what is the correct value for the lines:

LDAPSearchScope=sub
# Use the equla sign to replace "=" when specify LDAPBaseDn or LDAPSearchFilters
LDAPEqualSign=--
# Add extra search requirment. Uncomment it if you don't need it.
# Example LDAPSearchFilters[]=objectClass--inetOrgPerson
LDAPSearchFilters[]
# LDAP attribute for login. Normally, uid
LDAPLoginAttribute=uid
# Could be id or name
LDAPUserGroupType=id
# Default place to store LDAP users. Could be content object id or group name for LDAP user group,
# depends on LDAPUserGroupType.
LDAPUserGroup[]
# LDAP attribute type for user group. Could be name or id
LDAPUserGroupAttributeType=name
# LDAP attribute for user group. For example, employeetype. If specified, LDAP users
# will be saved under the same group as in LDAP server.
LDAPUserGroupAttribute=employeetype
# LDAP attribute for First name. Normally, givenname
LDAPFirstNameAttribute=givenname
# LDAP attribute for Last name. Normally, sn
LDAPLastNameAttribute=sn
# LDAP attribute for email. Normally, mail
LDAPEmailAttribute=mail
# LDAP encoding is utf-8 or not
Utf8Encoding=false

I cannot find documentation on this and need to make it work.

kracker (the)

Wednesday 13 July 2005 2:58:37 pm

I can't seem to find the post now but I know there have been a few really good contributions to the forums regarding this subject.

Specifically I remember a post that was basically a step by step explanation on how another developer accomplished this ...

So, I'd say use google to read every LDAP mention on ez.no, it might take a while but I know you'll learn a lot if you do the reading.
http://www.google.com/search?num=50&hl=en&lr=&safe=off&c2coff=1&q=site%3Aez.no+LDAP+HowTo&btnG=Search

Also this forum post wasn't the one I was looking for but was detailed...
http://ez.no/community/user_groups/ezug_edu/forum_of_ezug_edu/creating_av_secure_ldap_enabled_ez_site
http://home2.hit.no/~jonnybe/eZ/docs/creating_secure_authentication.pdf

Member since: 2001.07.13 || http://ezpedia.se7enx.com/