parent
a6eeb05ca9
commit
03a80f03fb
41
README.md
41
README.md
|
@ -4,27 +4,6 @@ LemonLDAP::NG EOLE integration
|
||||||
|
|
||||||
## Howto
|
## Howto
|
||||||
|
|
||||||
### Repository configuration
|
|
||||||
|
|
||||||
* Add the lemonldap-ng deb respository we need the last version of LemonLDAP.
|
|
||||||
|
|
||||||
GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt
|
|
||||||
|
|
||||||
#### LemonLDAP::NG repository
|
|
||||||
|
|
||||||
* deb https://lemonldap-ng.org/deb 1.9 main
|
|
||||||
* deb-src https://lemonldap-ng.org/deb 1.9 main
|
|
||||||
* Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2
|
|
||||||
|
|
||||||
#### Cadoles Repository
|
|
||||||
* deb [ arch=all ] https://vulcain.cadoles.com 2.6.2-dev main
|
|
||||||
* Key URL : https://vulcain.cadoles.com/cadoles.gpg
|
|
||||||
|
|
||||||
### Install packages
|
|
||||||
|
|
||||||
apt update
|
|
||||||
apt install eole-lemonldap
|
|
||||||
|
|
||||||
### Configure LemonLDAP in GenConfig
|
### Configure LemonLDAP in GenConfig
|
||||||
|
|
||||||
* Enable lemonldap in "Services" tab
|
* Enable lemonldap in "Services" tab
|
||||||
|
@ -33,18 +12,28 @@ Gen_Config -> Services -> Activer LemonLDAP::NG -> "Oui"
|
||||||
|
|
||||||
* Fill LemonLDAP configuration
|
* Fill LemonLDAP configuration
|
||||||
|
|
||||||
#### Nginx Web case
|
#### On Scribe
|
||||||
|
|
||||||
|
* LemonLDAP::NG is configured to use the local LDAP service
|
||||||
|
* We register the supplementary host names to the AD DNS
|
||||||
|
* We add the supplementary host names to the `ssl_subjectalt_names`
|
||||||
|
|
||||||
|
#### Manual configuration
|
||||||
|
|
||||||
|
##### Nginx Web case
|
||||||
|
|
||||||
By default NGINX is configured to serve "web" application, in this case the lemonLDAP::NG application will
|
By default NGINX is configured to serve "web" application, in this case the lemonLDAP::NG application will
|
||||||
not be served properly, so we need to disable this function
|
not be served properly, so we need to disable this function
|
||||||
|
|
||||||
GenConfig -> Services -> Activer la publication d’applications web par Nginx -> "Non'
|
GenConfig -> Services -> Activer la publication d’applications web par Nginx -> "Non'
|
||||||
|
|
||||||
#### Configuration DNS
|
##### Configuration DNS
|
||||||
|
|
||||||
* GenConfig -> Lemonldap -> Nom DNS du manager LemonLDAP-NG
|
* GenConfig -> Lemonldap -> Nom DNS du manager LemonLDAP-NG
|
||||||
* GenConfig -> Lemonldap -> Nom DNS du service d'authentification LemonLDAP-NG
|
* GenConfig -> Lemonldap -> Nom DNS du service d'authentification LemonLDAP-NG
|
||||||
|
|
||||||
#### Configuration LDAP
|
##### Configuration LDAP
|
||||||
|
|
||||||
* GenConfig -> Lemonldap -> Protocole LDAP à utiliser
|
* GenConfig -> Lemonldap -> Protocole LDAP à utiliser
|
||||||
* GenConfig -> Lemonldap -> Adresse du Serveur LDAP utilisé par LemonLDAP::NG
|
* GenConfig -> Lemonldap -> Adresse du Serveur LDAP utilisé par LemonLDAP::NG
|
||||||
* GenConfig -> Lemonldap -> Port d'écoute du LDAP utilisé par LemonLDAP::NG
|
* GenConfig -> Lemonldap -> Port d'écoute du LDAP utilisé par LemonLDAP::NG
|
||||||
|
@ -52,14 +41,14 @@ GenConfig -> Services -> Activer la publication d’applications web par Nginx -
|
||||||
* GenConfig -> Lemonldap -> Utilisateur de connection à l'annuaire (DN ex: cn=reader,o=gouv,c=fr)
|
* GenConfig -> Lemonldap -> Utilisateur de connection à l'annuaire (DN ex: cn=reader,o=gouv,c=fr)
|
||||||
* GenConfig -> Lemonldap -> Mot de passe de l'utilisateur de connection à l'annuaire (file like /root/.reader or the clear password)
|
* GenConfig -> Lemonldap -> Mot de passe de l'utilisateur de connection à l'annuaire (file like /root/.reader or the clear password)
|
||||||
|
|
||||||
#### Configuration CAS
|
##### Configuration CAS
|
||||||
|
|
||||||
Add your CAS attributes mapping ( uid = uid and mail = mail are created by default)
|
Add your CAS attributes mapping ( uid = uid and mail = mail are created by default)
|
||||||
|
|
||||||
* GenConfig -> Lemonldap -> Nom de l'attribut CAS
|
* GenConfig -> Lemonldap -> Nom de l'attribut CAS
|
||||||
* GenConfig -> Lemonldap -> Attribut LDAP équivalent
|
* GenConfig -> Lemonldap -> Attribut LDAP équivalent
|
||||||
|
|
||||||
### SSL issues
|
##### SSL issues
|
||||||
|
|
||||||
If you use "autosign" certificates you need to add the "manager" and "auth" service names to the alternative names.
|
If you use "autosign" certificates you need to add the "manager" and "auth" service names to the alternative names.
|
||||||
You also need to include "reload" service name (available in GenConfig -> Mode Expert -> Lemonldap -> Nom DNS du service Reload de LemonLDAP-NG)
|
You also need to include "reload" service name (available in GenConfig -> Mode Expert -> Lemonldap -> Nom DNS du service Reload de LemonLDAP-NG)
|
||||||
|
|
Loading…
Reference in New Issue