Difference between revisions of "Active Directory"
Barrymavin (Talk | contribs) |
Barrymavin (Talk | contribs) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | Lianja | + | {{DISPLAYTITLE:Active Directory Integration}} |
| + | Lianja can optionally use LDAP/Active Directory integration for roles and permissions. | ||
If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the '''Groups''' that the user belongs to correspond to '''Roles''' in the App. | If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the '''Groups''' that the user belongs to correspond to '''Roles''' in the App. | ||
| Line 6: | Line 7: | ||
For testing you can set LIANJA_LDAP=OFF and use the Lianja users. | For testing you can set LIANJA_LDAP=OFF and use the Lianja users. | ||
| − | |||
So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions. | So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions. | ||
| Line 15: | Line 15: | ||
[[LIANJA_LDAP_BASEDN]]="ou=users,dc=yourdomain,dc=com" | [[LIANJA_LDAP_BASEDN]]="ou=users,dc=yourdomain,dc=com" | ||
| − | |||
You can test the LDAP/AD authentication using: | You can test the LDAP/AD authentication using: | ||
| Line 28: | Line 27: | ||
This function returns the LDAP/AD '''Groups''' that the user belongs to which correspond to roles in Lianja. | This function returns the LDAP/AD '''Groups''' that the user belongs to which correspond to roles in Lianja. | ||
| − | |||
The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified. | The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified. | ||
| − | |||
If you have any problems with LDAP you can [[SET DEBUG]] ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user. | If you have any problems with LDAP you can [[SET DEBUG]] ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user. | ||
Latest revision as of 08:42, 3 December 2017
Lianja can optionally use LDAP/Active Directory integration for roles and permissions.
If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the Groups that the user belongs to correspond to Roles in the App.
You also need to specify the base dn as an environment variable which is used as the root to search for groups assigned to a specific user e.g LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com".
For testing you can set LIANJA_LDAP=OFF and use the Lianja users.
So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions.
LIANJA_LDAP=ON
LIANJA_LDAP_SERVER=IPaddress[:port]
LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com"
You can test the LDAP/AD authentication using:
ldap_login(cUserName, cPassword [, cLdapServer[:port] [, cLdapBasedn]])
ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])
This function returns the LDAP/AD Groups that the user belongs to which correspond to roles in Lianja.
The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified.
If you have any problems with LDAP you can SET DEBUG ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user.
