Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
72:ldap_config_authenication [2018/09/04 20:37] – [Configuring Authentication] emr | 72:ldap_config_authenication [2024/02/15 00:00] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 7: | Line 7: | ||
=== Specifying a Query User === | === Specifying a Query User === | ||
- | A query user can be specified using the optional | + | A query user can be specified using the optional ldap-query-user tag. This tag has to be nested inside an ldap-provider tag as shown below: |
< | < | ||
Line 30: | Line 30: | ||
The distinguished name can be set directly to the name attribute as shown in the example below: | The distinguished name can be set directly to the name attribute as shown in the example below: | ||
- | '' | + | ''< |
If the name attribute does not contain an equal sign (‘=’) or a comma (‘,’), then this value is set to the authentication schema in order to build up the distinguished name of the special query user. | If the name attribute does not contain an equal sign (‘=’) or a comma (‘,’), then this value is set to the authentication schema in order to build up the distinguished name of the special query user. | ||
Line 36: | Line 36: | ||
In the example below “id123“ would be set to the schema to build up the user’s distinguished name. | In the example below “id123“ would be set to the schema to build up the user’s distinguished name. | ||
- | '' | + | ''< |
**The credentials Attribute** | **The credentials Attribute** | ||
Line 61: | Line 61: | ||
**The type Attribute** | **The type Attribute** | ||
- | The <font inherit/ | + | The type attribute specifies the authentication mode to synchronize a user. Currently only the mode “simple“ is supported. |
**The principle Attribute** | **The principle Attribute** | ||
- | The <font inherit/ | + | The principalattribute |
- | Example: '' | + | Example: '' |
//NOTE//: It depends on the value of the key attribute of the ldap-provider tag whether the user’s fullname or username will be set into the schema. | //NOTE//: It depends on the value of the key attribute of the ldap-provider tag whether the user’s fullname or username will be set into the schema. | ||
Line 75: | Line 75: | ||
The ldap-authentication tag comes with the optional url attribute. The attribute can be used to set the URL of the authentication server if synchronization and authentication is done on different machines. An exemplary url attribute value is given below: [[: | The ldap-authentication tag comes with the optional url attribute. The attribute can be used to set the URL of the authentication server if synchronization and authentication is done on different machines. An exemplary url attribute value is given below: [[: | ||
- | //NOTE//: To allow authentication via SSL, set the prefix “<font inherit/ | + | //NOTE//: To allow authentication via SSL, set the prefix “ldap“ to “ldaps“. |