update readme

This commit is contained in:
Développeur égaré 2015-02-04 16:55:07 +01:00
parent 4020bf861e
commit 31456b2f43
3 changed files with 44 additions and 5 deletions

BIN
ldapauth.tgz Executable file → Normal file

Binary file not shown.

View File

@ -1,17 +1,37 @@
Authenticate a user against an LDAP directory Authenticate a user against an LDAP directory
Useful for Windows Active Directory and other LDAP-based organisations Useful for Windows Active Directory and other LDAP-based organisations
to maintain a single password across the organisation. to maintain a single password across the organisation.
Optionally authenticates only if a member of a given group in the directory. Optionally authenticates only if a member of a given group in the directory.
The person must have registered with Friendica using the normal registration By default, the person must have registered with Friendica using the normal registration
procedures in order to have a Friendica user record, contact, and profile. procedures in order to have a Friendica user record, contact, and profile.
However, it's possible with an option to automate the creation of a Friendica basic account.
Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
ldap.conf file to the signing cert for your LDAP server. ldap.conf file to the signing cert for your LDAP server.
The required configuration options for this module may be set in the .htconfig.php file The configuration options for this module may be set in the .htconfig.php file
e.g.: e.g.:
// ldap hostname server - required
$a->config['ldapauth']['ldap_server'] = 'host.example.com'; $a->config['ldapauth']['ldap_server'] = 'host.example.com';
// dn to search users - required
$a->config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=example,dc=com';
// attribute to find username - required
$a->config['ldapauth']['ldap_userattr'] = 'uid';
// admin dn - optional - only if ldap server dont have anonymous access
$a->config['ldapauth']['ldap_binddn'] = 'cn=admin,dc=example,dc=com';
// admin password - optional - only if ldap server dont have anonymous access
$a->config['ldapauth']['ldap_bindpw'] = 'password';
// for create Friendica account if user exist in ldap
// required an email and a simple (beautiful) nickname on user ldap object
// active account creation - optional - default none
$a->config['ldapauth']['ldap_autocreateaccount'] = 'true';
// attribute to get email - optional - default : 'mail'
$a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
// attribute to get nickname - optional - default : 'givenName'
$a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName';
...etc. ...etc.

View File

@ -25,12 +25,31 @@
* Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site * Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
* ldap.conf file to the signing cert for your LDAP server. * ldap.conf file to the signing cert for your LDAP server.
* *
* The required configuration options for this module may be set in the .htconfig.php file * The configuration options for this module may be set in the .htconfig.php file
* e.g.: * e.g.:
* *
* // ldap hostname server - required
* $a->config['ldapauth']['ldap_server'] = 'host.example.com'; * $a->config['ldapauth']['ldap_server'] = 'host.example.com';
* ...etc. * // dn to search users - required
* $a->config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=example,dc=com';
* // attribute to find username - required
* $a->config['ldapauth']['ldap_userattr'] = 'uid';
* *
* // admin dn - optional - only if ldap server dont have anonymous access
* $a->config['ldapauth']['ldap_binddn'] = 'cn=admin,dc=example,dc=com';
* // admin password - optional - only if ldap server dont have anonymous access
* $a->config['ldapauth']['ldap_bindpw'] = 'password';
*
* // for create Friendica account if user exist in ldap
* // required an email and a simple (beautiful) nickname on user ldap object
* // active account creation - optional - default none
* $a->config['ldapauth']['ldap_autocreateaccount'] = 'true';
* // attribute to get email - optional - default : 'mail'
* $a->config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
* // attribute to get nickname - optional - default : 'givenName'
* $a->config['ldapauth']['ldap_autocreateaccount_nameattribute'] = 'givenName';
*
* ...etc.
*/ */
require_once('include/user.php'); require_once('include/user.php');