LDAP development setup: Difference between revisions
From MoodleDocs
David Mudrak (talk | contribs) (Creating the page to keep this recorded somewhere) |
David Mudrak (talk | contribs) m (Text replacement - "class="nicetable"" to "class="wikitable"") |
Latest revision as of 13:23, 14 July 2021
This is a dump of notes on how I have OpenLDAP installed on my dev Linux machine and integrated with Moodle dev installations.
LDAP server (slapd)
- Default installation with the (legacy) flat slapd.conf file
- Added cosine and inetorgperson schema
    include /etc/openldap/schema/core.schema
    include /etc/openldap/schema/cosine.schema
    include /etc/openldap/schema/inetorgperson.schema
- Make sure to have suffix, rootdn and rootpw set and noted
- Users created as inetOrgPerson class objects
    dn: uid=s1,ou=Users,dc=example,dc=com
    objectClass: inetOrgPerson
    objectClass: organizationalPerson
    objectClass: person
    objectClass: top
    cn: Student
    sn: One
    mail: s1@example.com
    uid: s1
    userPassword:: dGVzdA==
- Example of storing the enrolment information
    dn: cn=Math101,ou=StudentEnrollment,dc=glux
    objectClass: groupOfNames
    objectClass: top
    cn: Math101
    member: uid=s1,ou=Users,dc=glux
    member: uid=s2,ou=Users,dc=glux
    member: uid=s3,ou=Users,dc=glux
LDAP client
I found Apache Directory Studio pretty nice and useful.
Moodle LDAP authentication setup
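Note that plain text passwords should not be used anywhere but in development/testing environments. The userPassword value in the user entry above is not hashed; the double colon only marks it as base64-encoded in LDIF.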
LDAP server setting | Value |
---|---|
Host URL | ldap://localhost/ |
User type | Default |
User attribute | uid |
Password format | Plain text |
First name | cn |
Surname | sn |
Email address | mail |
ID number | dn |
ID number mapping is used for LDAP enrolment.
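To check that plain text passwords like the one in these notes have not leaked into a non-development directory, an LDIF export can be scanned for userPassword values that carry no storage scheme prefix. The following is an added example, not part of the original notes; the function name, the second entry (uid=s2) and its placeholder value are assumptions made for illustration.

```python
import base64
import re

# Constructed sample input: the user entry from these notes plus one
# hypothetical entry (uid=s2) holding a scheme-prefixed placeholder value.
SAMPLE_LDIF = """\
dn: uid=s1,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
uid: s1
userPassword:: dGVzdA==

dn: uid=s2,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
uid: s2
userPassword: {SSHA}placeholder-not-a-real-hash
"""

# Storage scheme prefix as used by OpenLDAP, e.g. {SSHA} or {CRYPT}.
SCHEME = re.compile(rb"^\{([A-Za-z0-9._-]+)\}")


def find_cleartext_passwords(ldif_text):
    """Return [(dn, value)] for userPassword values stored without a hash."""
    findings = []
    # Unfold LDIF continuation lines (a newline followed by one space).
    text = ldif_text.replace("\r\n", "\n").replace("\n ", "")
    dn = None
    for line in text.splitlines():
        if not line.strip():          # a blank line ends the current entry
            dn = None
            continue
        attr, sep, rest = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        if rest.startswith(":"):      # "attr:: value" means base64, not a hash
            value = base64.b64decode(rest[1:].strip())
        else:
            value = rest.strip().encode()
        if attr.lower() == "dn":
            dn = value.decode()
        elif attr.lower() == "userpassword":
            m = SCHEME.match(value)
            if m is None or m.group(1).upper() == b"CLEARTEXT":
                findings.append((dn, value.decode(errors="replace")))
    return findings


if __name__ == "__main__":
    for dn, value in find_cleartext_passwords(SAMPLE_LDIF):
        print(f"unhashed userPassword on {dn}: {value!r}")
```
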