1 Authenticate a user against an LDAP directory
2 Useful for Windows Active Directory and other LDAP-based organisations
3 to maintain a single password across the organisation.
4 Optionally authenticates only if a member of a given group in the directory.
6 By default, the person must have registered with Friendica using the normal registration
7 procedures in order to have a Friendica user record, contact, and profile.
8 However, it's possible with an option to automate the creation of a Friendica basic account.
10 Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
11 ldap.conf file to the signing cert for your LDAP server.
13 The configuration options for this module may be set in the .htconfig.php file
16 // ldap hostname server - required
17 $a->config['ldapauth']['ldap_server'] = 'host.example.com';
18 // dn to search users - required
19 $a->config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=example,dc=com';
20 // attribute to find username - required
21 $a->config['ldapauth']['ldap_userattr'] = 'uid';
23 // admin dn - optional - only if ldap server dont have anonymous access
24 $a->config['ldapauth']['ldap_binddn'] = 'cn=admin,dc=example,dc=com';
25 // admin password - optional - only if ldap server dont have anonymous access
26 $a->config['ldapauth']['ldap_bindpw'] = 'password';
28 // for create Friendica account if user exist in ldap
29 // required an email and a simple (beautiful) nickname on user ldap object
30 // active account creation - optional - default none
31 $a->config['ldapauth']['ldap_autocreateaccount'] = 'true';
32 // attribute to get email - optional - default : 'mail'
33 $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
34 // attribute to get nickname - optional - default : 'givenName'
35 $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName';
projects / friendica-addons.git / blob