|
1
|
==================================================================================
|
|
2
|
Prerequisites
|
|
3
|
==================================================================================
|
|
4
|
|
|
5
|
To set up LDAP efficiently, you need to acquire the relevant information for the
|
|
6
|
domain you are authenticating against.
|
|
7
|
|
|
8
|
Contact your organization's staff to receive the necessary information. This
|
|
9
|
should include:
|
|
10
|
|
|
11
|
* The servers available to you (hostname, port, encryption preference)
|
|
12
|
* The binding method (service account including credentials, if necessary)
|
|
13
|
* If applicable, the structure of the data you are trying to sync, e.g.
|
|
14
|
sAMAccountName is the unique name attribute for your Active Directory.
|
|
15
|
|
|
16
|
### Requirements
|
|
17
|
|
|
18
|
The following requirements need to be met for you to work with any of the LDAP
|
|
19
|
modules.
|
|
20
|
|
|
21
|
* PHP version 5.6.
|
|
22
|
* PHP LDAP extension.
|
|
23
|
|
|
24
|
==================================================================================
|
|
25
|
Installation instructions:
|
|
26
|
==================================================================================
|
|
27
|
|
|
28
|
1) Download the LDAP module as you would any other.
|
|
29
|
|
|
30
|
2) Go to admin/build/modules and enable the needed modules from the
|
|
31
|
Lightweight Directory Access Protocol group.
|
|
32
|
|
|
33
|
3) Enable and configure ldap servers and configure at least one server.
|
|
34
|
|
|
35
|
4) Enable the other LDAP modules you need.
|
|
36
|
|
|
37
|
5) LDAP Help is just for debugging and administrator help. Use it if you have
|
|
38
|
problems. Disable it in production; it adds no functionality or end user help.
|
|
39
|
|
|
40
|
==================================================================================
|
|
41
|
Configuration overrides
|
|
42
|
==================================================================================
|
|
43
|
|
|
44
|
If you need to selectively disable LDAP functionality and cannot disable the
|
|
45
|
modules, use configuration overrides, such as the following in settings.php and
|
|
46
|
clearing your cache afterwards.
|
|
47
|
|
|
48
|
// Disable the server you are syncing users from LDAP to Drupal.
|
|
49
|
$conf['ldap_user_conf']['drupalAcctProvisionServer'] = 0;
|
|
50
|
// Disable LDAP authentication.
|
|
51
|
$conf['ldap_authentication_conf']['sids'] = [];
|
|
52
|
// Set bind DN and bind password for service account.
|
|
53
|
$conf['ldap_servers_overrides']['my_server']['binddn'] = 'my_dn';
|
|
54
|
$conf['ldap_servers_overrides']['my_server']['bindpw'] = 'my_password';
|
|
55
|
|
|
56
|
IMPORTANT: These overrides will change the data in your admin forms, saving them
|
|
57
|
will save them permanently in the database.
|
|
58
|
|
|
59
|
==================================================================================
|
|
60
|
More documentation is available at:
|
|
61
|
|
|
62
|
http://drupal.org/project/ldap -- project homepage
|
|
63
|
http://drupal.org/node/997082 - project documentation
|
|
64
|
==================================================================================
|
