| ... |
... |
@@ -67,32 +67,7 @@ |
| 67 |
67 |
- *ldap_UID_attr*: sAMAccountName |
| 68 |
68 |
- *ldap_fields_mapping*: name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn |
| 69 |
69 |
|
| 70 |
|
-Example: |
| 71 |
|
-{code} |
| 72 |
|
-xwiki.authentication.ldap=1 |
| 73 |
|
-xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl |
| 74 |
|
-xwiki.authentication.ldap.server=adserver |
| 75 |
|
-xwiki.authentication.ldap.check_level=1 |
| 76 |
|
-xwiki.authentication.ldap.port=389 |
| 77 |
|
-xwiki.authentication.ldap.base_DN=dc=subdomain,dc=domain,dc=suffix |
| 78 |
|
-xwiki.authentication.ldap.bind_DN=subdomain\\{0} |
| 79 |
|
-xwiki.authentication.ldap.bind_pass={1} |
| 80 |
|
-xwiki.authentication.ldap.UID_attr=sAMAccountName |
| 81 |
|
-xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn |
| 82 |
|
-{code} |
| 83 |
83 |
|
| 84 |
|
-The bind_DN and bind_pass fields contain the username and password for binding to the LDAP server in order to search, which will not necessarily be the same credentials as the user logging in. |
| 85 |
|
- |
| 86 |
|
- |
| 87 |
|
-The exact details of this configuration will vary based on your server configuration. It may not be necessary to prefix the username (represented by {0}) with the subdomain. |
| 88 |
|
- |
| 89 |
|
-For testing purposes, you may wish to omit the "ldap.fields_mapping" field, to test the authentication first, and then add it later to get the mappings right. |
| 90 |
|
- |
| 91 |
|
-This java client, [LDAP Browser/Editor > http://www-unix.mcs.anl.gov/~gawor/ldap/] is a handy tool for checking your configuration. |
| 92 |
|
- |
| 93 |
|
- |
| 94 |
|
- |
| 95 |
|
- |
| 96 |
96 |
1.1 eXo Authentication |
| 97 |
97 |
|
| 98 |
98 |
The eXo authentication is used automatically by adding/editing the ~~xwiki.exo=1~~ property in ~~WEB-INF/xwiki.cfg~~. |
