2016-10-15 19:57:04 +02:00
<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:applications:phpldapadmin< / title >
< meta name = "generator" content = "DokuWiki" / >
< meta name = "robots" content = "index,follow" / >
< meta name = "keywords" content = "documentation,2.0,applications,phpldapadmin" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "../lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "phpldapadmin.html" / >
< link rel = "contents" href = "phpldapadmin.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "../lib/exe/css.php.t.bootstrap3.css" / >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s : p h p l d a p a d m i n " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 : a p p l i c a t i o n s " } ;
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "../lib/exe/js.php.t.bootstrap3.js" > < / script >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
2018-03-08 13:29:31 +01:00
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.min.js" > < / script >
2017-02-07 17:35:26 +01:00
//else -->
2018-03-08 13:29:31 +01:00
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.js" > < / script >
2017-02-07 17:35:26 +01:00
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< / head >
< body >
< div class = "dokuwiki export container" >
<!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#presentation" > Presentation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#configuration" > Configuration< / a > < / div >
< ul class = "toc" >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_local_configuration" > phpLDAPadmin local configuration< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_virtual_host" > phpLDAPadmin virtual host< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#phpldapadmin_virtual_host_in_manager" > phpLDAPadmin virtual host in Manager< / a > < / div > < / li >
< / ul > < / li >
< / ul >
< / div >
< / div >
<!-- TOC END -->
< h1 class = "sectionedit1" id = "phpldapadmin" > phpLDAPadmin< / h1 >
< div class = "level1" >
< p >
< a href = "phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html" class = "media" title = "applications:phpldapadmin_logo.png" > < img src = "phpldapadmin_logo.png" class = "mediacenter" alt = "" / > < / a >
< / p >
< / div >
<!-- EDIT1 SECTION "phpLDAPadmin" [1 - 72] -->
< h2 class = "sectionedit2" id = "presentation" > Presentation< / h2 >
< div class = "level2" >
< p >
< a href = "http://phpldapadmin.sourceforge.net" class = "urlextern" title = "http://phpldapadmin.sourceforge.net" rel = "nofollow" > phpLDAPadmin< / a > is an LDAP administration tool written in PHP.
< / p >
< p >
phpLDAPadmin will connect to the directory with a static < abbr title = "Distinguished Name" > DN< / abbr > and password, and so will not request authentication anymore. The access to phpLDAPadmin will be protected by LemonLDAP::NG with specific access rules.
< / p >
< div class = "notewarning" > phpLDAPadmin will have no idea of the user connected to the WebSSO. So a simple user can have admin rights on the LDAP directory if your access rules are too lazy.
< / div >
< / div >
<!-- EDIT2 SECTION "Presentation" [73 - 598] -->
< h2 class = "sectionedit3" id = "configuration" > Configuration< / h2 >
< div class = "level2" >
< / div >
<!-- EDIT3 SECTION "Configuration" [599 - 625] -->
< h3 class = "sectionedit4" id = "phpldapadmin_local_configuration" > phpLDAPadmin local configuration< / h3 >
< div class = "level3" >
< p >
Just set the authentication type to < code > config< / code > and indicate < abbr title = "Distinguished Name" > DN< / abbr > and password inside the file < code > config.php< / code > :
< / p >
< pre class = "code file php" > < span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > ( < / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'server'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'auth_type'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'config'< / span > < span class = "br0" > ) < / span > < span class = "sy0" > ;< / span >
< span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > ( < / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'login'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'dn'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'cn=Manager,dc=example,dc=com'< / span > < span class = "br0" > ) < / span > < span class = "sy0" > ;< / span >
< span class = "re0" > $ldapservers< / span > < span class = "sy0" > -> < / span > < span class = "me1" > SetValue< / span > < span class = "br0" > ( < / span > < span class = "re0" > $i< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'login'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'pass'< / span > < span class = "sy0" > ,< / span > < span class = "st_h" > 'secret'< / span > < span class = "br0" > ) < / span > < span class = "sy0" > ;< / span > < / pre >
< / div >
<!-- EDIT4 SECTION "phpLDAPadmin local configuration" [626 - 980] -->
< h3 class = "sectionedit5" id = "phpldapadmin_virtual_host" > phpLDAPadmin virtual host< / h3 >
< div class = "level3" >
< p >
Configure phpLDAPadmin virtual host like other < a href = "../configvhost.html" class = "wikilink1" title = "documentation:2.0:configvhost" > protected virtual host< / a > .
< / p >
< ul >
< li class = "level1" > < div class = "li" > For Apache:< / div >
< / li >
< / ul >
< pre class = "code file apache" > < < span class = "kw3" > VirtualHost< / span > *:< span class = "nu0" > 80< / span > >
< span class = "kw1" > ServerName< / span > phpldapadmin.example.com
PerlHeaderParserHandler Lemonldap::NG::Handler
...
< /< span class = "kw3" > VirtualHost< / span > > < / pre >
< ul >
< li class = "level1" > < div class = "li" > For Nginx:< / div >
< / li >
< / ul >
< pre class = "code file nginx" > server {
listen 80;
server_name phpldapadmin.example.com;
root /path/to/application;
# Internal authentication request
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Drop post datas
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH " " ;
# Keep original hostname
fastcgi_param HOST $http_host;
# Keep original request (LLNG server will received /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
# Client requests
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
...
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}< / pre >
< / div >
<!-- EDIT5 SECTION "phpLDAPadmin virtual host" [981 - 2256] -->
< h3 class = "sectionedit6" id = "phpldapadmin_virtual_host_in_manager" > phpLDAPadmin virtual host in Manager< / h3 >
< div class = "level3" >
< p >
Go to the Manager and < a href = "../configvhost.html#lemonldapng_configuration" class = "wikilink1" title = "documentation:2.0:configvhost" > create a new virtual host< / a > for phpLDAPadmin.
< / p >
< p >
Just configure the < a href = "../writingrulesand_headers.html#rules" class = "wikilink1" title = "documentation:2.0:writingrulesand_headers" > access rules< / a > .
< / p >
< p >
No < a href = "../writingrulesand_headers.html#headers" class = "wikilink1" title = "documentation:2.0:writingrulesand_headers" > headers< / a > are required.
< / p >
< / div >
<!-- EDIT6 SECTION "phpLDAPadmin virtual host in Manager" [2257 - ] --> < / div >
< / body >
< / html >