Cadoles
/
eole-lemonldap
20
0
Fork 0
Code Issues 11 Pull Requests Releases Wiki Activity

Merge branch 'master' into dist/eole/2.6.2/master

This commit is contained in:
Philippe Caseiro 2018-03-16 10:49:06 +01:00
parent 7269e252de a4a385a439
commit f1defd2626
2 changed files with 57 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
README.md
View File

@ -1,16 +1,66 @@
# eole-lemonldap # eole-lemonldap
Intégration LemonLDAP::NG pour EOLE LemonLDAP::NG EOLE integration
## Howto ## Howto
### Repository configuration
* Add the lemonldap-ng deb respository we need the last version of LemonLDAP. * Add the lemonldap-ng deb respository we need the last version of LemonLDAP.
Gen_config -> Mode Expert -> Dépôts tiers -> Libellé du dépôt GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt
### LemonLDAP::NG repository #### LemonLDAP::NG repository
* deb https://lemonldap-ng.org/deb stable main * deb https://lemonldap-ng.org/deb stable main
* deb-src https://lemonldap-ng.org/deb stable main * deb-src https://lemonldap-ng.org/deb stable main
* Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 * Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2
#### Cadoles Repository
* deb [ arch=all ] https://vulcain.cadoles.com 2.6.2-dev main
* Key URL : https://vulcain.cadoles.com/cadoles.gpg
### Install packages
apt update
apt install eole-lemonldap
### Configure LemonLDAP in GenConfig
* Enable lemonldap in "Services" tab
Gen_Config -> Services -> Activer LemonLDAP::NG -> "Oui"
* Fill LemonLDAP configuration
#### Configuration DNS
* GenConfig -> Lemonldap -> Nom DNS du manager LemonLDAP-NG
* GenConfig -> Lemonldap -> Nom DNS du service d'authentification LemonLDAP-NG
#### Configuration LDAP
* GenConfig -> Lemonldap -> Protocole LDAP à utiliser
* GenConfig -> Lemonldap -> Adresse du Serveur LDAP utilisé par LemonLDAP::NG
* GenConfig -> Lemonldap -> Port d'écoute du LDAP utilisé par LemonLDAP::NG
* GenConfig -> Lemonldap -> Base DN des utilisateurs dans l'annuaire
* GenConfig -> Lemonldap -> Utilisateur de connection à l'annuaire (DN ex: cn=reader,o=gouv,c=fr)
* GenConfig -> Lemonldap -> Mot de passe de l'utilisateur de connection à l'annuaire (file like /root/.reader or the clear password)
#### Configuration CAS
Add your CAS attributes mapping ( uid = uid and mail = mail are created by default)
* GenConfig -> Lemonldap -> Nom de l'attribut CAS
* GenConfig -> Lemonldap -> Attribut LDAP équivalent
### SSL issues
If you use "autosign" certificates you need to add the "manager" and "auth" service names to the alternative names.
You also need to include "reload" service name (available in GenConfig -> Mode Expert -> Lemonldap -> Nom DNS du service Reload de LemonLDAP-NG)
* GenConfig -> Mode Expert -> Certificats ssl -> Nom Alternatif de la machine (SubjectAltName)
If you use "manual" certificates make sure this names are covered by your SSL Certificate
If you use "letsencrypt" mode you also need to add this names to the let'sencrypt request:
* GenConfig -> Mode Expert -> Certificat ssl -> Nom de domaines supplémentaires

4
tmpl/lmConf-1.js
View File

@ -229,7 +229,11 @@
}, },
"portalDisplayChangePassword": "$_auth =~ /^(LDAP|DBI|Demo)$/", "portalDisplayChangePassword": "$_auth =~ /^(LDAP|DBI|Demo)$/",
"hideOldPassword": 0, "hideOldPassword": 0,
%if %%is_file(%%ldapBindUserPassword)
"managerPassword": "%%pwdreader("", %%ldapBindUserPassword)",
%else
"managerPassword": "%%ldapBindUserPassword", "managerPassword": "%%ldapBindUserPassword",
%end if
"authChoiceParam": "lmAuth", "authChoiceParam": "lmAuth",
"lwpSslOpts": {}, "lwpSslOpts": {},
"portalSkinRules": {}, "portalSkinRules": {},