[mediagoblin.git] / mediagoblin / plugins / ldap / README.rst

=============
 ldap plugin
=============

.. Warning::
   This plugin is not compatible with the other authentication plugins.

This plugin allow your GNU Mediagoblin instance to authenticate against an
LDAP server.

Set up the ldap plugin
======================

1. Install the ``python-ldap`` package.

2. Add the following to your MediaGoblin .ini file in the ``[plugins]`` section::

    [[mediagoblin.plugins.ldap]]

Configuring the ldap plugin
===========================

This plugin allows you to use multiple ldap servers for authentication.

In order to configure a server, add the following to you MediaGoblin .ini file
under the ldap plugin:: 

    [[mediagoblin.plugins.ldap]]
    [[[server1]]]
    LDAP_SERVER_URI = 'ldap://ldap.testathon.net:389'
    LDAP_USER_DN_TEMPLATE = 'cn={username},ou=users,dc=testathon,dc=net'
    [[[server2]]]
    ...

Make any necessary changes to the above to work with your sever. Make sure
``{username}`` is where the username should be in LDAP_USER_DN_TEMPLATE.
   
If you would like to fetch the users email from the ldap server upon account
registration, add ``LDAP_SEARCH_BASE = 'ou=users,dc=testathon,dc=net'`` and
``EMAIL_SEARCH_FIELD = 'mail'`` under you server configuration in your
MediaGoblin .ini file.

.. Warning::
   By default, this plugin provides no encryption when communicating with the
   ldap servers. If you would like to use an SSL connection, change
   LDAP_SERVER_URI to use ``ldaps://`` and whichever port you use. Default ldap
   port for SSL connections is 636. If you would like to use a TLS connection,
   add ``LDAP_START_TLS = 'true'`` under your server configuration in your
   MediaGoblin .ini file.
Commit	Line	Data
994e70e8 RE	1	=============
	2	ldap plugin
	3	=============
	4
f92018b6	5	.. Warning::
994e70e8 RE	6	This plugin is not compatible with the other authentication plugins.
	7
	8	This plugin allow your GNU Mediagoblin instance to authenticate against an
	9	LDAP server.
	10
	11	Set up the ldap plugin
	12	======================
	13
	14	1. Install the ``python-ldap`` package.
	15
	16	2. Add the following to your MediaGoblin .ini file in the ``[plugins]`` section::
	17
	18	[[mediagoblin.plugins.ldap]]
	19
	20	Configuring the ldap plugin
	21	===========================
	22
	23	This plugin allows you to use multiple ldap servers for authentication.
	24
	25	In order to configure a server, add the following to you MediaGoblin .ini file
	26	under the ldap plugin::
	27
	28	[[mediagoblin.plugins.ldap]]
	29	[[[server1]]]
	30	LDAP_SERVER_URI = 'ldap://ldap.testathon.net:389'
	31	LDAP_USER_DN_TEMPLATE = 'cn={username},ou=users,dc=testathon,dc=net'
	32	[[[server2]]]
	33	...
	34
	35	Make any necessary changes to the above to work with your sever. Make sure
	36	``{username}`` is where the username should be in LDAP_USER_DN_TEMPLATE.
	37
	38	If you would like to fetch the users email from the ldap server upon account
	39	registration, add ``LDAP_SEARCH_BASE = 'ou=users,dc=testathon,dc=net'`` and
	40	``EMAIL_SEARCH_FIELD = 'mail'`` under you server configuration in your
	41	MediaGoblin .ini file.
	42
f92018b6	43	.. Warning::
994e70e8 RE	44	By default, this plugin provides no encryption when communicating with the
994e70e8 RE	45	ldap servers. If you would like to use an SSL connection, change
f92018b6	46	LDAP_SERVER_URI to use ``ldaps://`` and whichever port you use. Default ldap
994e70e8 RE	47	port for SSL connections is 636. If you would like to use a TLS connection,
	48	add ``LDAP_START_TLS = 'true'`` under your server configuration in your
	49	MediaGoblin .ini file.