Go to file
2018-03-16 10:35:13 +01:00
creolefuncs Adding new authorisations for reload on ip_ssh_eth0 2018-03-09 16:09:33 +01:00
diagnose Adding first working templates 2018-03-05 16:37:19 +01:00
dicos Adding CAS attributes 2018-03-09 14:29:22 +01:00
posttemplate Adding test applications configuration 2018-03-08 16:37:40 +01:00
tmpl Fix typo 2018-03-13 10:24:17 +01:00
apps.mk First commit 2018-03-02 15:44:00 +01:00
eole-lemonldap.mk Fixing eole-lemonldap.mk file 2018-03-13 10:48:32 +01:00
eole.mk First commit 2018-03-02 15:44:00 +01:00
LICENSE Initial commit 2018-03-02 09:12:54 +01:00
Makefile First commit 2018-03-02 15:44:00 +01:00
README.md Updating README Howto 2018-03-16 10:35:13 +01:00

eole-lemonldap

LemonLDAP::NG EOLE integration

Howto

Repository configuration

  • Add the lemonldap-ng deb respository we need the last version of LemonLDAP.

GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt

LemonLDAP::NG repository

Cadoles Repository

Install packages

apt update apt install eole-lemonldap

Configure LemonLDAP in GenConfig

  • Enable lemonldap in "Services" tab

Gen_Config -> Services -> Activer LemonLDAP::NG -> "Oui"

  • Fill LemonLDAP configuration

Configuration DNS

GenConfig -> Lemonldap -> Nom DNS du manager LemonLDAP-NG GenConfig -> Lemonldap -> Nom DNS du service d'authentification LemonLDAP-NG

Configuration LDAP

GenConfig -> Lemonldap -> Protocole LDAP à utiliser GenConfig -> Lemonldap -> Adresse du Serveur LDAP utilisé par LemonLDAP::NG GenConfig -> Lemonldap -> Port d'écoute du LDAP utilisé par LemonLDAP::NG GenConfig -> Lemonldap -> Base DN des utilisateurs dans l'annuaire GenConfig -> Lemonldap -> Utilisateur de connection à l'annuaire (DN ex: cn=reader,o=gouv,c=fr) GenConfig -> Lemonldap -> Mot de passe de l'utilisateur de connection à l'annuaire

Configuration CAS

Add your CAS attributes mapping (default)

uid = uid mail = mail

GenConfig -> Lemonldap -> Nom de l'attribut CAS GenConfig -> Lemonldap -> Attribut LDAP équivalent

SSL issues

If you use "autosign" certificates you need to add the "manager" and "auth" service names to the alternative names. You also need to include "reload" service name (available in GenConfig -> Mode Expert -> Lemonldap -> Nom DNS du service Reload de LemonLDAP-NG)

GenConfig -> Mode Expert -> Certificats ssl -> Nom Alternatif de la machine (SubjectAltName)

If you use "manual" certificates make sure this names are covered by your SSL Certificate

If you use "letsencrypt" mode you also need to add this names to the let'sencrypt request:

GenConfig -> Mode Expert -> Certificat ssl -> Nom de domaines supplémentaires