Re: [openupload-devel] Active Directory
Status: Beta
Brought to you by:
tsdogs
Menu
▾
▴
Re: [openupload-devel] Active Directory
|
From: Alessandro B. <ts...@br...> - 2009-04-23 22:43:27
|
On Thu, 23 Apr 2009 13:34:17 -0500, Andy Hester <and...@eu...> wrote: > Alessandro Briosi wrote: >> Sure, >> I had this working with AD. (haven't tested it for some time now, but it >> should just work) (LDAP works as I have it working at my office). >> >> The best way to set it up is: >> 1. Run the setup script and put the same groups in the configuration >> that you will be using in the AD configuration. >> > I don't recall ever running this script. I think I just edited the > config.inc.php file. When I go to the setup.inc.php in a browser I get > an access denied message. > > I am quite sure that I am just being a little dense atm, but I can't > seem to get this to work. > I did edit the config file for AD, but I guess I am not sure how to > tell openupload which groups map to which AD groups, etc. I think the > part I am not getting right is here: > ok so you probably got that 'cause it was not there with version 0.3 from which you upgraded. >> # $CONFIG['ldap']['basedn'] = 'dc=yourdomain,dc=local'; >> # $CONFIG['ldap']['userdn'] = 'dc=yourdomain,dc=local'; >> # $CONFIG['ldap']['userclass']='user'; >> # $CONFIG['ldap']['uid']='cn'; >> # $CONFIG['ldap']['userfields'] = array ( 'cn' => 'login', 'name' => >> 'name', 'memberof' => 'group_id', 'mail' => 'email'); >> # $CONFIG['ldap']['groupdn'] = 'dc=roverdom,dc=local'; >> # $CONFIG['ldap']['groupclass']='group'; >> # $CONFIG['ldap']['gid']='distinguishedname'; >> # $CONFIG['ldap']['groupfields'] = array ( 'cn' => 'name', 'name' => >> 'description' ); >> > Also, is it correct to assume that one this config file is correct that > this will work, or are there other things that must be done with the > database, etc? > Yes, you would have to map the groups in the database, changing the names to the ones that match the AD ones. The easiest way would be to rename the config.inc.php file, then run the setup (simply point to the openupload folder with the browser, not to the setup.php script directly, it will automatically load the setup script if it does not find the config.inc.php, i.e. http://mydomain.com/openupload/www/ I assume you are using version 0.4 now) Assign the correct settings for the database and populate it accordingly (check the groups, and select the mode you'd prefer i.e. restricted). Once setup is over put back the config.inc.php you had (unless you want to configure with the new one) and it should work. Another way would be to change the acl table in the database to match the groups of active directory, if you already done configurations, though you'll later have to fix the plugin acl and options too. Alessandro P.S. If you try to login and it simply re-displays the login screen (without a "login incorrect" message), AD is working, but the ACL are not correct. |
