Difference between revisions of "Active Directory"
Yvonne.milne (Talk | contribs) |
Yvonne.milne (Talk | contribs) |
||
| Line 1: | Line 1: | ||
Lianja v3.1 includes LDAP/Active Directory integration for roles and permissions. | Lianja v3.1 includes LDAP/Active Directory integration for roles and permissions. | ||
| − | If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the '''Groups''' that the user belongs to correspond to '''Roles''' in the App. | + | If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the '''Groups''' that the user belongs to correspond to '''Roles''' in the App. |
| + | |||
| + | You also need to specify the '''base dn''' as an environment variable which is used as the root to search for groups assigned to a specific user e.g LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com". | ||
| + | |||
| + | For testing you can set LIANJA_LDAP=OFF and use the Lianja users. | ||
| + | |||
So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions. | So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions. | ||
| − | + | [[LIANJA_LDAP]]=ON | |
| − | LIANJA_LDAP_SERVER=IPaddress[:port] | + | |
| − | LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com" | + | [[LIANJA_LDAP_SERVER]]=IPaddress[:port] |
| + | |||
| + | [[LIANJA_LDAP_BASEDN]]="ou=users,dc=yourdomain,dc=com" | ||
| + | |||
You can test the LDAP/AD authentication using: | You can test the LDAP/AD authentication using: | ||
| Line 19: | Line 27: | ||
<pre>ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])</pre> | <pre>ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])</pre> | ||
| − | + | This function returns the LDAP/AD '''Groups''' that the user belongs to which correspond to roles in Lianja. | |
| + | |||
The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified. | The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified. | ||
| + | |||
If you have any problems with LDAP you can [[SET DEBUG]] ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user. | If you have any problems with LDAP you can [[SET DEBUG]] ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user. | ||
Revision as of 07:45, 11 October 2016
Lianja v3.1 includes LDAP/Active Directory integration for roles and permissions.
If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the Groups that the user belongs to correspond to Roles in the App.
You also need to specify the base dn as an environment variable which is used as the root to search for groups assigned to a specific user e.g LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com".
For testing you can set LIANJA_LDAP=OFF and use the Lianja users.
So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions.
LIANJA_LDAP=ON
LIANJA_LDAP_SERVER=IPaddress[:port]
LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com"
You can test the LDAP/AD authentication using:
ldap_login(cUserName, cPassword [, cLdapServer[:port] [, cLdapBasedn]])
ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])
This function returns the LDAP/AD Groups that the user belongs to which correspond to roles in Lianja.
The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified.
If you have any problems with LDAP you can SET DEBUG ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user.
