2016-10-15 19:57:54 +02:00
<!DOCTYPE html>
< html lang = "fr" dir = "ltr" >
< head >
< meta http-equiv = "content-type" content = "text/html; charset=UTF-8" >
< meta charset = "utf-8" / >
2017-02-07 17:35:26 +01:00
< title > documentation:2.0:applications:phpldapadmin< / title > <!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else --><!-- //endif -->
2016-10-15 19:57:54 +02:00
< meta name = "generator" content = "DokuWiki" / >
< meta name = "robots" content = "index,follow" / >
< meta name = "keywords" content = "documentation,2.0,applications,phpldapadmin" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "../lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "phpldapadmin.html" / >
< link rel = "contents" href = "phpldapadmin.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "../lib/exe/css.php.t.bootstrap3.css" / >
2017-02-07 17:35:26 +01:00
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
2016-10-15 19:57:54 +02:00
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s : p h p l d a p a d m i n " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s " } ;
/*!]]>*/< / script >
2017-02-07 17:35:26 +01:00
< script type = "text/javascript" charset = "utf-8" src = "../lib/exe/js.php.t.bootstrap3.js" > < / script > <!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script > <!-- //endif --> <!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/lib/scripts/jquery-ui.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/lib/scripts/jquery-ui.js" > < / script > <!-- //endif -->
2016-10-15 19:57:54 +02:00
< / head >
< body >
< div class = "dokuwiki export container" > <!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#presentation" > Présentation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#configuration" > Configuration< / a > < / div >
< ul class = "toc" >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_local_configuration" > Configuration locale phpLDAPadmin< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_virtual_host" > Hôte virtuel phpLDAPadmin< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_virtual_host_in_manager" > Hôte virtuel phpLDAPadmin dans le manager< / a > < / div > < / li >
< / ul > < / li >
< / ul >
< / div >
< / div > <!-- TOC END -->
< h1 class = "sectionedit1" id = "phpldapadmin" > phpLDAPadmin< / h1 >
< div class = "level1" >
< p >
< a href = "phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html" class = "media" title = "applications:phpldapadmin_logo.png" > < img src = "phpldapadmin_logo.png" class = "mediacenter" alt = "" / > < / a >
< / p >
< / div > <!-- EDIT1 SECTION "phpLDAPadmin" [1 - 72] -->
< h2 class = "sectionedit2" id = "presentation" > Présentation< / h2 >
< div class = "level2" >
< p >
< a href = "http://phpldapadmin.sourceforge.net" class = "urlextern" title = "http://phpldapadmin.sourceforge.net" rel = "nofollow" > phpLDAPadmin< / a > est un outil d'administration LDAP écrit en PHP.
< / p >
< p >
phpLDAPadmin se connecte au serveur avec un < abbr title = "Distinguished Name" > DN< / abbr > et un mot-de-passe statique et ne requiert ainsi aucune authentification. L'accès à phpLDAPadmin sera protégé par LemonLDAP::NG avec une règle particulière d'accès.
< / p >
< div class = "notewarning" > phpLDAPadmin ne connaît donc pas le nom du l'utilisateur connecté au WebSSO. Ainsi un simple utilisateur aura un accès administrateur au serveur LDAP si votre règle d'accès est trop permisive.
< / div >
< / div > <!-- EDIT2 SECTION "Presentation" [73 - 598] -->
< h2 class = "sectionedit3" id = "configuration" > Configuration< / h2 >
< div class = "level2" >
< / div > <!-- EDIT3 SECTION "Configuration" [599 - 625] -->
< h3 class = "sectionedit4" id = "phpldapadmin_local_configuration" > Configuration locale phpLDAPadmin< / h3 >
< div class = "level3" >
< p >
Mettre juste le type d'authentification à < code > config< / code > et indiquer le < abbr title = "Distinguished Name" > DN< / abbr > et le mot-de-passe dans le fichier < code > config.php< / code > :
< / p >
< pre class = "code file php" > < span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > (< / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'server'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'auth_type'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'config'< / span > < span class = "br0" > )< / span > < span class = "sy0" > ;< / span >
< span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > (< / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'login'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'dn'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'cn=Manager,dc=example,dc=com'< / span > < span class = "br0" > )< / span > < span class = "sy0" > ;< / span >
< span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > (< / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'login'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'pass'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'secret'< / span > < span class = "br0" > )< / span > < span class = "sy0" > ;< / span > < / pre >
< / div > <!-- EDIT4 SECTION "phpLDAPadmin local configuration" [626 - 980] -->
< h3 class = "sectionedit5" id = "phpldapadmin_virtual_host" > Hôte virtuel phpLDAPadmin< / h3 >
< div class = "level3" >
< p >
Configurer l'hôte virtuel phpLDAPadmin comme n'importe quel autre < a href = "../configvhost.html" class = "wikilink1" title = "documentation:2.0:configvhost" > hôte virtuel protégé< / a > .
< / p >
< ul >
< li class = "level1" > < div class = "li" > Pour Apache:< / div >
< / li >
< / ul >
< pre class = "code file apache" > < < span class = "kw3" > VirtualHost< / span > *:< span class = "nu0" > 80< / span > >
< span class = "kw1" > ServerName< / span > phpldapadmin.example.com
PerlHeaderParserHandler Lemonldap::NG::Handler
...
< /< span class = "kw3" > VirtualHost< / span > > < / pre >
< ul >
< li class = "level1" > < div class = "li" > Pour Nginx:< / div >
< / li >
< / ul >
< pre class = "code file nginx" > server {
listen 80;
server_name phpldapadmin.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
...
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}< / pre >
< / div > <!-- EDIT5 SECTION "phpLDAPadmin virtual host" [981 - 2256] -->
< h3 class = "sectionedit6" id = "phpldapadmin_virtual_host_in_manager" > Hôte virtuel phpLDAPadmin dans le manager< / h3 >
< div class = "level3" >
< p >
Aller dans le manager et < a href = "../configvhost.html#lemonldapng_configuration" class = "wikilink1" title = "documentation:2.0:configvhost" > créer un nouvel hôte virtuel< / a > pour phpLDAPadmin.
< / p >
< p >
Configurer simplement la < a href = "../writingrulesand_headers.html#rules" class = "wikilink1" title = "documentation:2.0:writingrulesand_headers" > règle d'accès< / a > .
< / p >
< p >
Aucun < a href = "../writingrulesand_headers.html#headers" class = "wikilink1" title = "documentation:2.0:writingrulesand_headers" > en-tête< / a > n'est nécessaire.
< / p >
< / div > <!-- EDIT6 SECTION "phpLDAPadmin virtual host in Manager" [2257 - ] -->
< / div >
< / body >
< / html >