1 The LDAP Authorization plugin allows for StatusNet to handle authorization
6 add "addPlugin('ldapAuthorization',
7 array('setting'=>'value', 'setting2'=>'value2', ...);"
8 to the bottom of your config.php
10 You *cannot* use this plugin without the LDAP Authentication plugin
14 provider_name*: This is a identifier designated to the connection.
15 It's how StatusNet will refer to the authentication source.
16 For the most part, any name can be used, so long as each authentication source has a different identifier.
17 In most cases there will be only one authentication source used.
18 authoritative (false): should this plugin be authoritative for
20 uniqueMember_attribute ('uniqueMember')*: the attribute of a group
21 that lists the DNs of its members
22 roles_to_groups: array that maps StatusNet roles to LDAP groups
23 some StatusNet roles are: moderator, administrator, sandboxed, silenced
24 login_group: if this is set to a group DN, only members of that group will be
27 The below settings must be exact copies of the settings used for the
28 corresponding LDAP Authentication plugin.
30 host*: LDAP server name to connect to. You can provide several hosts in an
31 array in which case the hosts are tried from left to right.
32 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
33 port: Port on the server.
34 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
35 version: LDAP version.
36 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
37 starttls: TLS is started after connecting.
38 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
39 binddn: The distinguished name to bind as (username).
40 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
41 bindpw: Password for the binddn.
42 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
43 basedn*: LDAP base name (root directory).
44 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
45 options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
46 filter: Default search filter.
47 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
48 scope: Default search scope.
49 See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
51 attributes: an array that relates StatusNet user attributes to LDAP ones
52 username*: LDAP attribute value entered when authenticating to StatusNet
55 default values are in (parenthesis)
59 Here's an example of an LDAP plugin configuration that connects to
60 Microsoft Active Directory.
62 addPlugin('ldapAuthentication', array(
63 'provider_name'=>'Example',
64 'authoritative'=>true,
65 'autoregistration'=>true,
68 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
69 'host'=>array('server1', 'server2'),
70 'password_encoding'=>'ad',
72 'username'=>'sAMAccountName',
73 'nickname'=>'sAMAccountName',
75 'fullname'=>'displayName',
76 'password'=>'unicodePwd')
78 addPlugin('ldapAuthorization', array(
79 'provider_name'=>'Example',
80 'authoritative'=>false,
81 'uniqueMember_attribute'=>'member',
82 'roles_to_groups'=> array(
83 'moderator'=>'CN=SN-Moderators,OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
84 'administrator'=> array('CN=System-Adminstrators,OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
85 'CN=SN-Administrators,OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc')
89 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
90 'host'=>array('server1', 'server2'),
92 'username'=>'sAMAccountName')
projects / quix0rs-gnu-social.git / blob