196 lines
6.0 KiB
HTML
196 lines
6.0 KiB
HTML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
|
|
<head>
|
|
<meta name="generator" content=
|
|
"HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" />
|
|
|
|
<title>Lemonldap::NG documentation: 5-Appli-phpLDAPadmin.html</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
|
|
<style type="text/css">
|
|
/*<![CDATA[*/
|
|
body{
|
|
background: #ddd;
|
|
font-family: sans-serif;
|
|
font-size: 11pt;
|
|
padding: 0 50px;
|
|
}
|
|
div.main-content{
|
|
padding: 10px;
|
|
background: #fff;
|
|
border: 2px #ccc solid;
|
|
}
|
|
a{
|
|
text-decoration: none;
|
|
}
|
|
p.footer{
|
|
text-align: center;
|
|
margin: 5px 0 0 0;
|
|
}
|
|
.heading-1{
|
|
text-align: center;
|
|
color: orange;
|
|
font-variant: small-caps;
|
|
font-size: 20pt;
|
|
}
|
|
.heading-1-1{
|
|
color: orange;
|
|
font-size: 14pt;
|
|
border-bottom: 2px #ccc solid;
|
|
}
|
|
pre{
|
|
background: #eee;
|
|
border: 2px #ccc solid;
|
|
padding: 5px;
|
|
border-left: 10px #ccc solid;
|
|
}
|
|
ul.star li{
|
|
list-style-type: square;
|
|
}
|
|
/*]]>*/
|
|
</style>
|
|
</head>
|
|
|
|
<body>
|
|
<div class="main-content">
|
|
<h2 class="heading-1"><span id="HphpLDAPadmin">phpLDAPadmin</span></h2>
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<ul>
|
|
<li><a href="#HPresentation">Presentation</a></li>
|
|
|
|
<li>
|
|
<a href="#HSimpleintegration">Simple integration</a>
|
|
|
|
<ul>
|
|
<li><a href="#HphpLDAPadminconfiguration">phpLDAPadmin
|
|
configuration</a></li>
|
|
|
|
<li><a href="#HApacheconfiguration">Apache configuration</a></li>
|
|
|
|
<li><a href="#HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG
|
|
configuration</a></li>
|
|
</ul>
|
|
</li>
|
|
|
|
<li><a href="#HComplexintegration">Complex integration</a></li>
|
|
</ul>
|
|
|
|
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
|
|
|
|
<p class="paragraph"></p>phpLDAPadmin is an LDAP administration tool
|
|
written in PHP. See <span class="wikiexternallink"><a href=
|
|
"http://phpldapadmin.sourceforge.net/">http://phpldapadmin.sourceforge.net/</a></span>
|
|
for more informations.
|
|
|
|
<h3 class="heading-1-1"><span id="HSimpleintegration">Simple
|
|
integration</span></h3>
|
|
|
|
<p class="paragraph"></p>This integration is easy: phpLDAPadmin will
|
|
connect to the directory with a static DN and password, and so will not
|
|
request authentication anymore. The access to phpLDAPadmin will be
|
|
protected by LemonLDAP::NG with specific access rules.
|
|
|
|
<p class="paragraph"></p>Warning: phpLDAPadmin will have no idea of the
|
|
user connected to the WebSSO. So a simple user can have admin rights on
|
|
the LDAP directory if your access rules are too lazy.
|
|
|
|
<h4 class="heading-1-1-1"><span id=
|
|
"HphpLDAPadminconfiguration">phpLDAPadmin configuration</span></h4>
|
|
|
|
<p class="paragraph"></p>Just set the authentication type to 'config' and
|
|
indicate DN and password inside the file config.php:
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
$ldapservers->SetValue($i,'server','auth_type','config');
|
|
$ldapservers->SetValue($i,'login','dn','cn=Manager,dc=example,dc=com');
|
|
$ldapservers->SetValue($i,'login','pass','secret');
|
|
</pre>
|
|
</div>
|
|
|
|
<p class="paragraph"></p>Save and close.
|
|
|
|
<h4 class="heading-1-1-1"><span id="HApacheconfiguration">Apache
|
|
configuration</span></h4>
|
|
|
|
<p class="paragraph"></p>We recommend to create a virtualhost for
|
|
phpLDAPadmin (eg. <span class="nobr"><a href=
|
|
"http://pla.example.com">http://pla.example.com</a></span>). Then
|
|
configure this virtualhost in your existing Apache configuration:
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
# The following lines must be set once <span class=
|
|
"java-keyword">for</span> all virtualhosts
|
|
NameVirtualHost *<br /><br />PerlRequire /opt/lemonldap-ng/handler/Handler.pm
|
|
PerlOptions +GlobalRequest
|
|
<Files ~ <span class="java-quote">".(pl)$"</span>>
|
|
SetHandler perl-script
|
|
PerlHandler ModPerl::Registry
|
|
PerlSendHeader On
|
|
</Files><br /><br /># Define here all <span class=
|
|
"java-keyword">protected</span> virtualhosts<br /><br /><VirtualHost *>
|
|
ServerName pla.example.com
|
|
ServerSignature Off<br /><br /> DocumentRoot /opt/phpldapadmin
|
|
DirectoryIndex index.php<br /><br /> PerlHeaderParserHandler Handler<br /><br /> <Location /refresh>
|
|
PerlHeaderParserHandler Handler->refresh
|
|
</Location><br /><br /> LogLevel warn
|
|
ErrorLog /<span class=
|
|
"java-keyword">var</span>/log/httpd/phpldapadmin-error.log
|
|
CustomLog /<span class=
|
|
"java-keyword">var</span>/log/httpd/phphldapadmin-access.log combined
|
|
</VirtualHost>
|
|
</pre>
|
|
</div>
|
|
|
|
<h4 class="heading-1-1-1"><span id=
|
|
"HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG
|
|
configuration</span></h4><br />
|
|
<br />
|
|
Go to the manager and create a new virtual host:<br />
|
|
<br />
|
|
|
|
<div class="code">
|
|
<pre>
|
|
pla.example.com
|
|
</pre>
|
|
</div><br />
|
|
<br />
|
|
Then create the access rule. Some examples:<br />
|
|
<br />
|
|
|
|
<div class="code">
|
|
<pre>
|
|
<span class="java-keyword">default</span> => accept
|
|
</pre>
|
|
</div><br />
|
|
<br />
|
|
|
|
<div class="code">
|
|
<pre>
|
|
<span class="java-keyword">default</span> => $groups ~= \badmin\b
|
|
</pre>
|
|
</div><br />
|
|
<br />
|
|
Remove all HTTP_HEADERS, because they are not used!
|
|
|
|
<h3 class="heading-1-1"><span id="HComplexintegration">Complex
|
|
integration</span></h3><br />
|
|
<br />
|
|
This is a feature request: <span class="wikiexternallink"><a href=
|
|
"https://sourceforge.net/tracker/index.php?func=detail&aid=2073323&group_id=61828&atid=498549">
|
|
https://sourceforge.net/tracker/index.php?func=detail&aid=2073323&group_id=61828&atid=498549</a></span>
|
|
</div>
|
|
|
|
<p class="footer"><a href="index.html">Index</a></p>
|
|
</body>
|
|
</html>
|