Difference between revisions of "Configuration/Authentication Settings/Active Directory"

From Davical
Jump to navigationJump to search
 
(Using Active Directory for Authentication)
Line 6: Line 6:
 
The goal is to have DAViCal refer to Windows Active Directory when
 
The goal is to have DAViCal refer to Windows Active Directory when
 
a new user logs in.
 
a new user logs in.
 +
 +
===Getting the Correct LDAP Driver===
 +
 +
The 0.9.4 installation does not come with the correct ldap driver to connect with Windows Active Directory. Please obtain the correct driver
 +
either from the Soureforge Forumn or contacting the developers, they can be reached through the IRC channel.
 +
 +
Backup the existing ldap driver (filename, drivers_ldap.php) found in the '''/usr/share/rscds/inc/''' directory and copy the obtained driver into it.
 +
 +
===Configuring to Use Active Directory===
 +
 +
Configuring DAViCal to use Active Directory for Authentication is done in the conf file found at '''/etc/davical/'''. The name of the file follows the format of '''XXXX-conf.php''', where '''XXXX''' is the hostname used in the URL to access calendars. (See [[Installation Guide Update (Feb 2008)]], section "DAViCal Configuration" for details.)
 +
 +
A detailed explanation for the syntax of this file can be at [[Configuration]].
 +
 +
For the purpose of this section I've attached my configuration (with a few edits to mask sensitive information) here below;
 +
 +
  <?php
 +
    $c->sysabbr    = 'DAViCal';
 +
    $c->admin_email= 'administrator@example.com'
 +
    $c->dbg["ALL"] =1;
 +
 
 +
    $c->pg_connect[] = 'dbname=davical port=5432 user=davical_dba';
 +
    $c->authenticate_hook['call'] = 'LDAP_check';
 +
    $c->authenticate_hook['config'] = array(
 +
        'host'            => 'ldap://domain_controller.example.com',
 +
        'bindDN'          => 'bind_user@example.com',
 +
        'passDN'          => 'xxxxxxxx',
 +
        'baseDNUsers'    => 'OU=Accounts,DC=example,DC=com',
 +
        'protocolVersion' => 3,
 +
        'optReferrels'    => 0,
 +
        'filterUsers'    => '(&(objectclass=person)(objectclass=user))',
 +
        'mapping_field' => array("username" => "sAMAccountName",
 +
                            "fullname" => "cn" ,
 +
                            "email" =>"mail"),
 +
        'default_value' => array("date_format_type" => "E","locale" => "en_NZ"),
 +
        'format_updated'=> array('Y' => array(0,4),
 +
                                'm' => array(4,2),
 +
                                'd' => array(6,2),
 +
                                'H' => array(8,2),
 +
                                'M' => array(10,2),
 +
                                'S' => array(12,2)),
 +
 
 +
    );
 +
    include_once('drivers_ldap.php');
 +
  ?>

Revision as of 07:25, 19 February 2008

Using Active Directory for Authentication

This Section proceeds from where the base installation described in Installation Guide Update (Feb 2008) leaves off.

The goal is to have DAViCal refer to Windows Active Directory when a new user logs in.

Getting the Correct LDAP Driver

The 0.9.4 installation does not come with the correct ldap driver to connect with Windows Active Directory. Please obtain the correct driver either from the Soureforge Forumn or contacting the developers, they can be reached through the IRC channel.

Backup the existing ldap driver (filename, drivers_ldap.php) found in the /usr/share/rscds/inc/ directory and copy the obtained driver into it.

Configuring to Use Active Directory

Configuring DAViCal to use Active Directory for Authentication is done in the conf file found at /etc/davical/. The name of the file follows the format of XXXX-conf.php, where XXXX is the hostname used in the URL to access calendars. (See Installation Guide Update (Feb 2008), section "DAViCal Configuration" for details.)

A detailed explanation for the syntax of this file can be at Configuration.

For the purpose of this section I've attached my configuration (with a few edits to mask sensitive information) here below;

 <?php
   $c->sysabbr    = 'DAViCal';
   $c->admin_email= 'administrator@example.com'
   $c->dbg["ALL"] =1;
 
   $c->pg_connect[] = 'dbname=davical port=5432 user=davical_dba';
   $c->authenticate_hook['call'] = 'LDAP_check';
   $c->authenticate_hook['config'] = array(
       'host'            => 'ldap://domain_controller.example.com',
       'bindDN'          => 'bind_user@example.com',
       'passDN'          => 'xxxxxxxx',
       'baseDNUsers'     => 'OU=Accounts,DC=example,DC=com',
       'protocolVersion' => 3,
       'optReferrels'    => 0,
       'filterUsers'     => '(&(objectclass=person)(objectclass=user))',
       'mapping_field' => array("username" => "sAMAccountName",
                            "fullname" => "cn" ,
                            "email" =>"mail"),
       'default_value' => array("date_format_type" => "E","locale" => "en_NZ"),
       'format_updated'=> array('Y' => array(0,4),
                                'm' => array(4,2),
                                'd' => array(6,2),
                                'H' => array(8,2),
                                'M' => array(10,2),
                                'S' => array(12,2)),
 
   );
   include_once('drivers_ldap.php');
 ?>