Commit | Line | Data |
---|---|---|
994e70e8 RE |
1 | ============= |
2 | ldap plugin | |
3 | ============= | |
4 | ||
f92018b6 | 5 | .. Warning:: |
994e70e8 RE |
6 | This plugin is not compatible with the other authentication plugins. |
7 | ||
8 | This plugin allow your GNU Mediagoblin instance to authenticate against an | |
9 | LDAP server. | |
10 | ||
11 | Set up the ldap plugin | |
12 | ====================== | |
13 | ||
14 | 1. Install the ``python-ldap`` package. | |
15 | ||
16 | 2. Add the following to your MediaGoblin .ini file in the ``[plugins]`` section:: | |
17 | ||
18 | [[mediagoblin.plugins.ldap]] | |
19 | ||
20 | Configuring the ldap plugin | |
21 | =========================== | |
22 | ||
23 | This plugin allows you to use multiple ldap servers for authentication. | |
24 | ||
25 | In order to configure a server, add the following to you MediaGoblin .ini file | |
26 | under the ldap plugin:: | |
27 | ||
28 | [[mediagoblin.plugins.ldap]] | |
29 | [[[server1]]] | |
30 | LDAP_SERVER_URI = 'ldap://ldap.testathon.net:389' | |
31 | LDAP_USER_DN_TEMPLATE = 'cn={username},ou=users,dc=testathon,dc=net' | |
32 | [[[server2]]] | |
33 | ... | |
34 | ||
35 | Make any necessary changes to the above to work with your sever. Make sure | |
36 | ``{username}`` is where the username should be in LDAP_USER_DN_TEMPLATE. | |
37 | ||
38 | If you would like to fetch the users email from the ldap server upon account | |
39 | registration, add ``LDAP_SEARCH_BASE = 'ou=users,dc=testathon,dc=net'`` and | |
40 | ``EMAIL_SEARCH_FIELD = 'mail'`` under you server configuration in your | |
41 | MediaGoblin .ini file. | |
42 | ||
f92018b6 | 43 | .. Warning:: |
994e70e8 RE |
44 | By default, this plugin provides no encryption when communicating with the |
45 | ldap servers. If you would like to use an SSL connection, change | |
f92018b6 | 46 | LDAP_SERVER_URI to use ``ldaps://`` and whichever port you use. Default ldap |
994e70e8 RE |
47 | port for SSL connections is 636. If you would like to use a TLS connection, |
48 | add ``LDAP_START_TLS = 'true'`` under your server configuration in your | |
49 | MediaGoblin .ini file. |