Changes for page Use cases of configuration to authenticate users with LDAP
Last modified by Thomas Mortagne on 2019/07/22 14:23
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -22,7 +22,7 @@ 22 22 23 23 So you can't use the <tt>xwiki.authentication.ldap.bind_DN=cn={0},department=USER,department=INFORMATIK,department=1230,o=MP</tt> pattern. 24 24 25 -The trick here is to to connet to LDAP with a user able to list LDAP users (and groups if you want to do membership synchronization). 25 +The trick here is to to connect to LDAP with a user able to list LDAP users (and groups if you want to do membership synchronization). 26 26 27 27 To handle that LDAP authentication automatically search for user DN trying to match the provided login with <tt>xwiki.authentication.ldap.UID_attr</tt> attribute value. So simply set an existing administration (or any other LDAP user with the right to search in the whole LDAP server) user DN at <tt>xwiki.authentication.ldap.bind_DN</tt> and its password at <tt>xwiki.authentication.ldap.bind_pass</tt>. LDAP authentication will user it to connect to LDAP server, search for provided user and bind found DN with provided password to validate it. 28 28 ... ... @@ -34,6 +34,7 @@ 34 34 35 35 36 36 37 + 37 37 1.1 My users are not located on the same server 38 38 39 39 e.g. if you use several subdomains and the users are defined seperately in each subdomain. This will likely be the case when you have a configuration like this:
