X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FLdapAuthentication%2FREADME;h=a21ba4d483d2f1104207e13f364b74947a6749f0;hb=b2c5b9de52ba4c3dac7d557978d27186dee01312;hp=03647e7c75908a64b2faaba0cc54873081e321d3;hpb=f600fa3b1a3a4c81f6573d05dbcf286e2834a389;p=quix0rs-gnu-social.git diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c75..a21ba4d483 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -1,50 +1,87 @@ -The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP. +The LDAP Authentication plugin allows for StatusNet to handle authentication +through LDAP. Installation ============ -add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php +add "addPlugin('ldapAuthentication', + array('setting'=>'value', 'setting2'=>'value2', ...);" +to the bottom of your config.php Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). -autoregistration (false): Set to true if users should be automatically created when they attempt to login. -email_changeable (true): Are users allowed to change their email address? (true or false) -password_changeable (true): Are users allowed to change their passwords? (true or false) - -host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +provider_name*: This is a identifier designated to the connection. + It's how StatusNet will refer to the authentication source. + For the most part, any name can be used, so long as each authentication + source has a different identifier. In most cases there will be only one + authentication source used. +authoritative (false): Set to true if LDAP's responses are authoritative + (if authorative and LDAP fails, no other password checking will be done). +autoregistration (false): Set to true if users should be automatically created + when they attempt to login. +email_changeable (true): Are users allowed to change their email address? + (true or false) +password_changeable (true): Are users allowed to change their passwords? + (true or false) +password_encoding: required if users are to be able to change their passwords + Possible values are: crypt, ext_des, md5crypt, blowfish, md5, sha, ssha, + smd5, ad, clear + +host*: LDAP server name to connect to. You can provide several hosts in an + array in which case the hosts are tried from left to right. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +port: Port on the server. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +version: LDAP version. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +starttls: TLS is started after connecting. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +binddn: The distinguished name to bind as (username). + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +bindpw: Password for the binddn. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +basedn*: LDAP base name (root directory). + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +filter: Default search filter. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +scope: Default search scope. + See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +schema_cachefile: File location to store ldap schema. +schema_maxage: TTL for cache file. -attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name - nickname* +attributes: an array that relates StatusNet user attributes to LDAP ones + username*: LDAP attribute value entered when authenticating to StatusNet + nickname*: LDAP attribute value shown as the user's nickname email fullname homepage location - + password: required if users are to be able to change their passwords + * required default values are in (parenthesis) +For most LDAP installations, the "nickname" and "username" attributes should + be the same. + Example ======= -Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. +Here's an example of an LDAP plugin configuration that connects to + Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', 'bindpw'=>'password', 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc', 'host'=>array('server1', 'server2'), + 'password_encoding'=>'ad', 'attributes'=>array( + 'username'=>'sAMAccountName', 'nickname'=>'sAMAccountName', 'email'=>'mail', - 'fullname'=>'displayName') + 'fullname'=>'displayName', + 'password'=>'unicodePwd') ));