Quick start tutorial
====================

.. important::

    This tutorial will guide you through a minimal
    installation and configuration procedure. You need some prerequisites:

    - A computer with a recent GNU/Linux distribution (Debian, Ubuntu,
      CentOS, RHEL, ...) with root privileges
    - A web browser
    - The possibility to update your local ``hosts`` file, or easy
      access to your DNS server
    - A cup of coffee (or tea, we are open-minded)

Installation
------------

You should install LemonLDAP::NG using packages, but you can also
install it from
:doc:`the tarball<installtarball>`.

Debian / Ubuntu
~~~~~~~~~~~~~~~

::

   apt install apt-transport-https
   wget -O - https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 | apt-key add -
   echo "deb https://lemonldap-ng.org/deb stable main" > /etc/apt/sources.list.d/lemonldap-ng.list
   apt update
   apt install lemonldap-ng

CentOS / RHEL
~~~~~~~~~~~~~

::

   curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
   # \$releasever is escaped so that yum, not the shell, expands it
   echo "[lemonldap-ng]
   name=LemonLDAP::NG packages
   baseurl=https://lemonldap-ng.org/redhat/stable/\$releasever/noarch
   enabled=1
   gpgcheck=1
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2" > /etc/yum.repos.d/lemonldap-ng.repo
   yum update
   yum install lemonldap-ng

SSO domain configuration
------------------------

The default SSO domain is ``example.com``. You can keep it for your tests
or change it, for example to ``mydomain.com``:

::

   sed -i 's/example\.com/mydomain.com/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json
   sed -i 's/example\.com/mydomain.com/g' /etc/nginx/conf.d/*
   sed -i 's/example\.com/mydomain.com/g' /etc/httpd/conf.d/*
   sed -i 's/example\.com/mydomain.com/g' /etc/apache2/sites-available/*

In order to be able to test, update your DNS or your local ``hosts``
file to map these names to the SSO server IP:

- auth.mydomain.com
- manager.mydomain.com
- test1.mydomain.com
- test2.mydomain.com

For example on your local computer:

::

   echo "192.168.1.30 auth.mydomain.com manager.mydomain.com test1.mydomain.com test2.mydomain.com" >> /etc/hosts

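
To confirm that both steps above took effect, the following shell functions (an added example, not part of the LemonLDAP::NG documentation) list files that still mention the old domain and report names whose first ``hosts`` entry does not carry the expected IP. The function names are hypothetical, and treating the first line that names a host as the effective one is an assumption of the example.

```shell
# Added example (not from the LemonLDAP::NG project): checks for the
# SSO domain step. All paths, names and the IP are passed as arguments.

# List files under the given paths that still contain the old domain.
# Recurses into subdirectories, which the sed globs above do not.
# Returns 0 when nothing is left, 1 when at least one file is listed.
leftover_domain_refs() {
    old_domain=$1
    shift
    # -F: fixed string, so the dot in "example.com" is literal.
    files=$(grep -rlF -- "$old_domain" "$@" 2>/dev/null) || true
    if [ -n "$files" ]; then
        printf '%s\n' "$files"
        return 1
    fi
    return 0
}

# Print each name whose first entry in a hosts-format file is missing or
# does not carry the expected IP. Returns 1 if any name is printed.
# Assumption of this example: the first line naming a host is the one
# that counts, so a stale entry above an appended line is reported.
unmapped_names() {
    hosts_file=$1
    expected_ip=$2
    shift 2
    rc=0
    for name in "$@"; do
        if ! awk -v ip="$expected_ip" -v n="$name" '
            { sub(/#.*/, "") }    # ignore comments
            { for (i = 2; i <= NF; i++) if ($i == n) { first = $1; exit } }
            END { exit (first == ip ? 0 : 1) }' "$hosts_file"; then
            printf '%s\n' "$name"
            rc=1
        fi
    done
    return "$rc"
}
```

For instance, ``leftover_domain_refs example.com /etc/lemonldap-ng /var/lib/lemonldap-ng/conf`` covers the LemonLDAP::NG paths used by the first ``sed`` command, and ``unmapped_names /etc/hosts 192.168.1.30 auth.mydomain.com manager.mydomain.com test1.mydomain.com test2.mydomain.com`` covers the four names.
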
Run
---

Since LemonLDAP::NG 1.2, the
:doc:`demonstration backend<authdemo>` is
configured by default.

The demonstration backend has hard-coded user accounts:

====== ======== =============
Login  Password Role
====== ======== =============
rtyler rtyler   user
msmith msmith   user
dwho   dwho     administrator
====== ======== =============

Open SSO session
~~~~~~~~~~~~~~~~

Go to http://auth.mydomain.com and log in with one of the demonstration
accounts.

Access protected application
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Try http://test1.mydomain.com or http://test2.mydomain.com

Edit configuration
~~~~~~~~~~~~~~~~~~

Log in with the dwho account and go to http://manager.mydomain.com