From 31456b2f43daa3516300c69c4ad54d5468dece0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?D=C3=A9veloppeur=20=C3=A9gar=C3=A9?= <97802n@mac97802n.maif.local> Date: Wed, 4 Feb 2015 16:55:07 +0100 Subject: [PATCH] update readme --- ldapauth.tgz | Bin 1941 -> 2357 bytes ldapauth/README | 26 +++++++++++++++++++++++--- ldapauth/ldapauth.php | 23 +++++++++++++++++++++-- 3 files changed, 44 insertions(+), 5 deletions(-) mode change 100755 => 100644 ldapauth.tgz diff --git a/ldapauth.tgz b/ldapauth.tgz old mode 100755 new mode 100644 index 62ff161abc5b090d3e32cdd9c22521b41e0b0354..aa3da0a902264720046eda40dc97e2c67c32c251 GIT binary patch literal 2357 zcmV-53Ci{#iwFQFK+;qI1MOPtQ`<-q&sY3cOkBRmP6@wo;11TgaNw;?6^|5QcR!>k zBTHjj8+pb%BZZ}|_}{mC9eKOb!#W<1f2-4J?q%w~ z1@V6eiSUXvH;iK;{h!DGr+-7dOO3a0OXMv%^ConkoE#s1B8QL)l*OU%#S||cQ|XIv z8i$oDiz3jLF+mc}U@07e#0i}Y z00PJFBLK+ANbqDzKpjd=t+FEjb4vm`^pYrc)rKj=jx#cWLLp-h3>0(}%9si;<|d5C z8J8!BUNJE)CSGK=3I$ok0b=RXAQ6BN^n-zb3>={3dO1mO0f4~{m-rmK;{zOYsL2LI zOMc-u^cxi}31df+DL5(|fb$e8h#FVULHXbtKEco;HeXN;NV#OD6XFy4;BcQOEVkY_ z((^0|L>c+|VNM4MrUfGF##!lny3&V~eS zLIwmV!x2MWJ{7UbFvX*C5ZnR=*NM&ROSA|0!%l2RA0c>iB^;9fC82fx^s=N(EqC9%9)m_?Bjz!pk7mno~~l6K5Y*<2bq=# zjg8Tz=3~3j<{6>d6R}8W8V!<9!x7Y_HfEvPed6FnXMNRuB{kKhktkV@AW8l95Eylk z;O)Xw5TWEbKr?wZOX~GHjs3bh-Ag9qea?JZbwcJxNkAJIQS4n#?VwaD4HM?8xLE{! zJiXy)tk%eXOI!BT>W?}9T6MCgrQ;Gu-7Pd0-VNjBR3>uwbIhRpZlU^wGlHV9LDv*5yH4-EPH#MF=JA7?sRX1b=oh$NM^A ztFwf4b0-$~bjGSX?NV0LkngchZ&qT3j+tY%2isD>=KRYs+v8~ob9##9nDrgvQqXD} za&A=?m--U^`+f2eS#ynSUD5M>@G(uf2DP@Le0#&*gr)YHz>RQ3S#>q@YBem4RXtJ0 zh4R5_igNfK)idvha@wX*m&zBVuv)b$)6%P{tCpZ;RBiq0&LOoY(X9*)V`l+F&J10Z zwc6Z1-56QgxHvrd?2@Ko19a67X?vJ4Wt)N$% z%+&5=>IpiZlM1Wr=vNyK1}d!>Qbl$sg6&o|Nh(y#q{4SDQkfYz70P&a7vqa|8E6rg zGIAX4 zEj|#)hZR7AzEE-G3S<86cO&YxTKgpM;0+v{`Us+oNAl~1_x)-6SG@!MZTpJSQzP$5 z6S?iGRtt-2|5n9Qm8tBn&YmE;@6|@vvCpEok{aVE(YT~-nLVJuQfjCJCw({!DXzA# zpMp01@Bs?7o$5HNA_je3r;FP2#gU21baS=5>EHpiNNYw(DXZwdo`iV={g%gd~Imz^~90aMu%Oc=bLkFaLDzn6Ry%T4!52@ z*(z;#rlkj3r4?pb-!sTsI>p-52y5l})!M_W(x&ECn;BYdc4GCEaaHMQld27msh&8a z`i=qB)2CCL8%=%xTxzpJsgj*X{n+Dr<1`yL;s5^~J3M#0ef(k0Apn?i2 bsGx!hDyX1>3M#0ef|k+WGvPs&08jt`==G%! literal 1941 zcmV;G2Wt2qiwFqhSs5boFYR~*$KEed_x3#etl zfFh89p)%kDLM2VyHX^l)oiHZEf9KAQ^U}3jfx!ou#Y*bjJ@?%C?wq($;4Qo)p0z4} zZnSaSzP(rJ?(N?0c6Tf7z5VX~ZU^VHQR#HsJNsP}>+Dt9o$lW4b_Mn-e_~wLey|at*?aI~o)8p=aT<>b@=FKYHgqPl&_2BvA!&h*Ksla#~`d-ZF)?=o887|^b z@LuUAc#tS2!JB#^S21|p00g0Aek|lEX}@JsY0XZvgWolPkUe-2eq!*#Rvz4)#qpxo zYGt+9^u@fjkYW->tTjjBdqr*UbUyQmU8@S#g(os(JV0jP1%co+MSm|ukVI>I!+$^T z(Hq4kNdyxi;a$iBaiZYRkHaqv9$PU~3_u{R)cUu^o?2Gb-=asS&&Gk$UZuV%wl11y%G}MKw>E2f-f*Se(dUirrFRWw5Q^PePPmtFm@Cy zFi_z*VuqE6@H#k%Pq7hmjEm;xOJ)d(Ny#RzPv~R7eUb3kM&qSGtrHBaaZY2eUGW~A ziUe2l6gXo68CEQYCQFJtOkou^WZ+!Ca3FC+7nkfHM;+ZnCf5d=W7!UZ+p$&1RFuej3tNwVE;> z3GTDH6LLRF0@k86Ck9TVU#(Ur3HP-h*4~JU5i`BsfN#|;n}nm85TEK!G5H-A99{ga zm75#gw%@h(sHjZFzppf(@DhQ9|9uK)MC;q0dt-a735Aoo6EZ$ry@o3MyP|gzSFA3 ziR9#7?%f*F*0#HC$r6Ps;Mgvt9ezE4DT_xYJ?nXTx~1%F^b4wEtlxlNsA|N{sxD48 zQeB)F)ts;={aL^-By7aW$`lSSj^(+^xma1*H2e!mYcbN?GHTQ{b+cq?Qk<`UR{lJ! z5yM?CBCg>$iP_IWFR7nviPGrT4W-(-9bIbI0Qa?s@%m=&H5%2e%_C8xiCTX%L&R@0 zJIisX>Bj+j=p$P?U$nt`JvEt^UIXuDgIY%2*01Rt%0!aF%5g7r&MH{UV(~T_OLC?^ zz{HCb>!-z@LL%P>MH6Kp6t?s;4TN3~`ykbhM`oX_TP;^_w4!nqvNATN6$xZ z2gBFTj$XPujsC{U!@-lmaCrFqwF_-jOWD;QWbGkWDmEpz*k-Wn9vmDP-q`(C`=e*S zYp--K)`7|!Np7axh1})F(gf$g!OyJo7K5shH=_^+8G}hE6{a_j;hTGvqA6yut5es;xhzQm)mzlMjC^DyyL zvv2`<+Yg8bM;_F-=@nolUFR40UC2kTQx9~L!Rwzep+EB=$WmLpU?IC%64vJrvdk%P1<&rWc8$$-`e(cWorNH z`5VN+JuT=uJoG=MGr2R4hQ_JXm+S=vr*cOf-08zf$Y{3H=##bd&k({myhA&I1>IR7SLqd%$T(_QyqBz?8UQV z=+xZYs(Ji1T&(%@HFSBK*(#MbdRDm_8;yvz{iWZ3c6Rr6 zEAUs&|Nryfe}3-Z`;tz*fAPq>da0+~)#FP&+`hzbX)!#W| bP7j!``u^3p8du|LY&?DdvmUf603-ka(dys( diff --git a/ldapauth/README b/ldapauth/README index 90ee2595b..ee09e94d6 100755 --- a/ldapauth/README +++ b/ldapauth/README @@ -1,17 +1,37 @@ Authenticate a user against an LDAP directory Useful for Windows Active Directory and other LDAP-based organisations to maintain a single password across the organisation. - Optionally authenticates only if a member of a given group in the directory. -The person must have registered with Friendica using the normal registration +By default, the person must have registered with Friendica using the normal registration procedures in order to have a Friendica user record, contact, and profile. +However, it's possible with an option to automate the creation of a Friendica basic account. Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site ldap.conf file to the signing cert for your LDAP server. -The required configuration options for this module may be set in the .htconfig.php file +The configuration options for this module may be set in the .htconfig.php file e.g.: +// ldap hostname server - required $a->config['ldapauth']['ldap_server'] = 'host.example.com'; +// dn to search users - required +$a->config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=example,dc=com'; +// attribute to find username - required +$a->config['ldapauth']['ldap_userattr'] = 'uid'; + +// admin dn - optional - only if ldap server dont have anonymous access +$a->config['ldapauth']['ldap_binddn'] = 'cn=admin,dc=example,dc=com'; +// admin password - optional - only if ldap server dont have anonymous access +$a->config['ldapauth']['ldap_bindpw'] = 'password'; + +// for create Friendica account if user exist in ldap +// required an email and a simple (beautiful) nickname on user ldap object +// active account creation - optional - default none +$a->config['ldapauth']['ldap_autocreateaccount'] = 'true'; +// attribute to get email - optional - default : 'mail' +$a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail'; +// attribute to get nickname - optional - default : 'givenName' +$a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName'; + ...etc. diff --git a/ldapauth/ldapauth.php b/ldapauth/ldapauth.php index 2c8f3effd..62f4b003b 100755 --- a/ldapauth/ldapauth.php +++ b/ldapauth/ldapauth.php @@ -25,12 +25,31 @@ * Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site * ldap.conf file to the signing cert for your LDAP server. * - * The required configuration options for this module may be set in the .htconfig.php file + * The configuration options for this module may be set in the .htconfig.php file * e.g.: * + * // ldap hostname server - required * $a->config['ldapauth']['ldap_server'] = 'host.example.com'; - * ...etc. + * // dn to search users - required + * $a->config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=example,dc=com'; + * // attribute to find username - required + * $a->config['ldapauth']['ldap_userattr'] = 'uid'; * + * // admin dn - optional - only if ldap server dont have anonymous access + * $a->config['ldapauth']['ldap_binddn'] = 'cn=admin,dc=example,dc=com'; + * // admin password - optional - only if ldap server dont have anonymous access + * $a->config['ldapauth']['ldap_bindpw'] = 'password'; + * + * // for create Friendica account if user exist in ldap + * // required an email and a simple (beautiful) nickname on user ldap object + * // active account creation - optional - default none + * $a->config['ldapauth']['ldap_autocreateaccount'] = 'true'; + * // attribute to get email - optional - default : 'mail' + * $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail'; + * // attribute to get nickname - optional - default : 'givenName' + * $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName'; + * + * ...etc. */ require_once('include/user.php');