Cadoles/eole-lemonldap

Go to file

Philippe Caseiro 3edf7dd774 Fix ldapVerify values

2021-03-03 16:24:20 +01:00

Python3 ConfigParser is in configparser module

2020-10-14 13:16:37 +02:00

Don't crash if LemonLDAP::NG is disabled

2020-10-14 13:17:07 +02:00

set correct openldap conf

2020-12-16 10:30:33 +01:00

patch lemonldap pour corriger le problème des attributs avec la valeur 0 (ref #31384 )

2021-01-05 11:27:02 +01:00

parent d08c965ee8959bec8afb87d1c9ee0c137f391f51

2020-11-24 15:47:38 +01:00

patch lemonldap pour corriger le problème des attributs avec la valeur 0 (ref #31384 )

2021-01-05 11:27:02 +01:00

Fix ldapVerify values

2021-03-03 16:24:20 +01:00

.gitignore

Prepare version 2.8.1

2020-10-15 09:34:31 +02:00

apps.mk

First commit

2018-03-02 15:44:00 +01:00

eole-lemonldap-ng.mk

patch lemonldap pour corriger le problème des attributs avec la valeur 0 (ref #31384 )

2021-01-05 11:27:02 +01:00

eole.mk

First commit

2018-03-02 15:44:00 +01:00

LICENSE

Initial commit

2018-03-02 09:12:54 +01:00

Makefile

Merge branch '2.8.0/master'

2021-01-05 11:31:43 +01:00

README.md

Mise à jour de 'README.md'

2021-01-06 11:23:29 +01:00

README.md

eole-lemonldap

LemonLDAP::NG EOLE integration

Howto

Repository configuration

Add the lemonldap-ng deb respository we need the last version of LemonLDAP.

GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt

LemonLDAP::NG repository (if you use EOLE 2.8.X this is not needed anymore)

deb https://lemonldap-ng.org/deb stable main
deb-src https://lemonldap-ng.org/deb stable main
Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2

Cadoles Repository

deb [ arch=all ] https://vulcain.cadoles.com 2.7.2-dev main
Key URL : https://vulcain.cadoles.com/cadoles.gpg

Install packages

apt update apt install eole-lemonldap

Configure LemonLDAP in GenConfig

Enable lemonldap in "Services" tab

Gen_Config -> Services -> Activer LemonLDAP::NG -> "Oui"

Fill LemonLDAP configuration

On Scribe

LemonLDAP::NG is configured to use the local LDAP service
We register the supplementary host names to the AD DNS
We add the supplementary host names to the ssl_subjectalt_names

Manual configuration

Nginx Web case

By default NGINX is configured to serve "web" application, in this case the lemonLDAP::NG application will not be served properly, so we need to disable this function

GenConfig -> Services -> Activer la publication d’applications web par Nginx -> "Non'

Configuration DNS

GenConfig -> Lemonldap -> Nom DNS du manager LemonLDAP-NG
GenConfig -> Lemonldap -> Nom DNS du service d'authentification LemonLDAP-NG

Configuration LDAP

GenConfig -> Lemonldap -> Protocole LDAP à utiliser
GenConfig -> Lemonldap -> Adresse du Serveur LDAP utilisé par LemonLDAP::NG
GenConfig -> Lemonldap -> Port d'écoute du LDAP utilisé par LemonLDAP::NG
GenConfig -> Lemonldap -> Base DN des utilisateurs dans l'annuaire
GenConfig -> Lemonldap -> Utilisateur de connection à l'annuaire (DN ex: cn=reader,o=gouv,c=fr)
GenConfig -> Lemonldap -> Mot de passe de l'utilisateur de connection à l'annuaire (file like /root/.reader or the clear password)

Configuration CAS

Add your CAS attributes mapping ( uid = uid and mail = mail are created by default)

GenConfig -> Lemonldap -> Nom de l'attribut CAS
GenConfig -> Lemonldap -> Attribut LDAP équivalent

SSL issues

If you use "autosign" certificates you need to add the "manager" and "auth" service names to the alternative names. You also need to include "reload" service name (available in GenConfig -> Mode Expert -> Lemonldap -> Nom DNS du service Reload de LemonLDAP-NG)

GenConfig -> Mode Expert -> Certificats ssl -> Nom Alternatif de la machine (SubjectAltName)

If you use "manual" certificates make sure this names are covered by your SSL Certificate

If you use "letsencrypt" mode you also need to add this names to the let'sencrypt request:

GenConfig -> Mode Expert -> Certificat ssl -> Nom de domaines supplémentaires