RedmineLDAP
Version 1 (Jean-Philippe Lang, 2007-12-10 21:29)
| 1 | 1 | Jean-Philippe Lang | h1. LDAP Authentication |
|---|---|---|---|
| 2 | 1 | Jean-Philippe Lang | |
| 3 | 1 | Jean-Philippe Lang | Redmine natively supports LDAP authentication using one or multiple LDAP directories. |
| 4 | 1 | Jean-Philippe Lang | |
| 5 | 1 | Jean-Philippe Lang | h2. Declaring the LDAP |
| 6 | 1 | Jean-Philippe Lang | |
| 7 | 1 | Jean-Philippe Lang | Go to Administration -> Authentification and click *New authentication mode*. |
| 8 | 1 | Jean-Philippe Lang | |
| 9 | 1 | Jean-Philippe Lang | Enter the following: |
| 10 | 1 | Jean-Philippe Lang | |
| 11 | 1 | Jean-Philippe Lang | * *Name*: an arbitrary name for the directory |
| 12 | 1 | Jean-Philippe Lang | * *Host*: the LDAP host name |
| 13 | 1 | Jean-Philippe Lang | * *Port*: the LDAP port (default is 389) |
| 14 | 1 | Jean-Philippe Lang | * *LDAPS*: check this if you want or need to use LDAPS to access the directory |
| 15 | 1 | Jean-Philippe Lang | * *Account*: leave this field empty if your LDAP can be read anonymously, otherwise enter a username that has read access to the LDAP |
| 16 | 1 | Jean-Philippe Lang | * *Password*: password for the account |
| 17 | 1 | Jean-Philippe Lang | * *Base DN*: the top level DN of your LDAP directory tree |
| 18 | 1 | Jean-Philippe Lang | * *Login attribute*: enter the name of the LDAP attribute that will be used as the Redmine username |
| 19 | 1 | Jean-Philippe Lang | |
| 20 | 1 | Jean-Philippe Lang | Existing Redmine users should now be able to authenticate using their LDAP username and password. |
| 21 | 1 | Jean-Philippe Lang | |
| 22 | 1 | Jean-Philippe Lang | h2. On the fly user creation |
| 23 | 1 | Jean-Philippe Lang | |
| 24 | 1 | Jean-Philippe Lang | By checking *on-the-fly user creation*, any LDAP user will have his Redmine account automatically created the first time he logs into Redmine. |
| 25 | 1 | Jean-Philippe Lang | For that, you have to specify the LDAP attributes name (firstname, lastname, email) that will be used to create their Redmine accounts. |
| 26 | 1 | Jean-Philippe Lang | |
| 27 | 1 | Jean-Philippe Lang | h2. Example |
| 28 | 1 | Jean-Philippe Lang | |
| 29 | 1 | Jean-Philippe Lang | Here is an typical example using Active Directory: |
| 30 | 1 | Jean-Philippe Lang | |
| 31 | 1 | Jean-Philippe Lang | <pre> |
| 32 | 1 | Jean-Philippe Lang | Name = My Directory |
| 33 | 1 | Jean-Philippe Lang | Host = host.domain.org |
| 34 | 1 | Jean-Philippe Lang | Port = 389 |
| 35 | 1 | Jean-Philippe Lang | LDAPS = no |
| 36 | 1 | Jean-Philippe Lang | Account = MyDomain\UserName |
| 37 | 1 | Jean-Philippe Lang | Password = <password> |
| 38 | 1 | Jean-Philippe Lang | Base DN = CN=users,DC=host,DC=domain,DC=org |
| 39 | 1 | Jean-Philippe Lang | |
| 40 | 1 | Jean-Philippe Lang | On-the-fly user creation = yes |
| 41 | 1 | Jean-Philippe Lang | Attributes |
| 42 | 1 | Jean-Philippe Lang | Login = sAMAccountName |
| 43 | 1 | Jean-Philippe Lang | Firstname = givenName |
| 44 | 1 | Jean-Philippe Lang | Lastname = sN |
| 45 | 1 | Jean-Philippe Lang | Email = mail |
| 46 | 1 | Jean-Philippe Lang | </pre> |
| 47 | 1 | Jean-Philippe Lang | |
| 48 | 1 | Jean-Philippe Lang | Note that LDAP attribute names are *case sensitive*. |
| 49 | 1 | Jean-Philippe Lang | |
| 50 | 1 | Jean-Philippe Lang | h2. Troubleshooting |
| 51 | 1 | Jean-Philippe Lang | |
| 52 | 1 | Jean-Philippe Lang | If you want to use on-the-fly user creation, make sure you don't have any user custom field marked as required. |