/
README.LDAP
69 lines (48 loc) · 2.33 KB
/
README.LDAP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
-------------------------------------------------------------------------------
Mantis - LDAP capabilities documentation leighm@linuxbandwagon.com
-------------------------------------------------------------------------------
Here is my attempt at providing Mantis with LDAP capabilities.
=== Outline
Functionality is provided by using the php-ldap module (/usr/lib/php4/ldap.so)
An extra login method is defined within core_user_API.php inside of
function is_password_match ( $f_username, $p_test_password, $p_password )
This has a simple, non encrypted (yet) test of the LDAP directory for that user
by asking for an entry with uid=username and password=test_password, if this
exists, it is presumed that the user should be granted access.
== Configuration basics
the LDIF format I use and have tested this with is as follows :
dn: uid=tests, dc=test, dc=com, dc=au
department: testdep
organizationname: Testing Organization
cn: Test Smith
assignedgroup: users
givename: Test
sn: Smith
mail: tests@test.com.au
uid: tests
userPassword: password
objectclass: testPerson
It is also required to add the following configuration items to the
config_inc.php
#############################
### Mantis LDAP Settings ###
#############################
# --- using openldap -------------
$g_ldap_server="127.0.0.1";
$g_ldap_root_dn="dc=test,dc=com,dc=au";
$g_use_ldap_email=1; ## Should we send to the LDAP email address or what MySql tells us
# $g_ldap_organisation="(organizationname=*Traffic)"; ## optional
Dont forget to change your $g_login_method to $g_login_method = LDAP;
=== Creating new accounts
I guess there is still a bit of problem when you want to create a new user
to Mantis using LDAP, you must create the LDIF entry to LDAP, and also
sign up for a new account, if both of these line up correctly, authentication
will proceed.
=== email issues
Email address is queried from the LDAP database if the authentication is set
to use LDAP instead of the mySql entry.
Hope it works as good for you as it does for me.
Leigh Morresi
-------------------------------------------------------------------------------
Mantis - LDAP capabilities documentation leighm@linuxbandwagon.com
-------------------------------------------------------------------------------