Difference between revisions of "Web app PhpLdapAdmin"
| (One intermediate revision by the same user not shown) | |||
| Line 2: | Line 2: | ||
PhpLdapAdmin allows to manage the LDAP online. | PhpLdapAdmin allows to manage the LDAP online. | ||
| − | |||
| − | |||
| − | |||
| Line 42: | Line 39: | ||
<syntaxhighlight lang="php"> | <syntaxhighlight lang="php"> | ||
| + | $config->custom->session['blowfish'] = 'thisIsACrazyStringValueThatIsUsedToEncryptedData'; | ||
| + | |||
$servers = new Datastore(); | $servers = new Datastore(); | ||
$servers->newServer('ldap_pla'); | $servers->newServer('ldap_pla'); | ||
| Line 49: | Line 48: | ||
$servers->setValue('server','base',array('dc=dev,dc=daxiongmao,dc=eu')); | $servers->setValue('server','base',array('dc=dev,dc=daxiongmao,dc=eu')); | ||
$servers->setValue('login','auth_type','session'); | $servers->setValue('login','auth_type','session'); | ||
| − | $servers->setValue('login','bind_id',' | + | |
| + | $servers->setValue('login','bind_id',''); | ||
| + | $servers->setValue('login','bind_pass',''); | ||
| + | |||
| + | $servers->setValue('login','attr','uid'); | ||
| + | $servers->setValue('login','base',array('ou=people,dc=dev,dc=daxiongmao,dc=eu')); | ||
| + | $servers->setValue('server','read_only',false); | ||
| + | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Latest revision as of 16:48, 26 November 2014
PhpLdapAdmin allows to manage the LDAP online.
Contents
Requirements
You need both a LDAP and Web server to use this application.
Installation
Source: http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page
Packages
apt-get install phpldapadmin
apt-get install php-fpdf
Configuration
Edit configuration
vim /etc/phpldapadmin/config.php
Edit / adjust following lines:
$config->custom->session['blowfish'] = 'thisIsACrazyStringValueThatIsUsedToEncryptedData';
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('server','name','DEV daxiongmao.eu LDAP');
$servers->setValue('server','host','dev.daxiongmao.eu');
// $servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=dev,dc=daxiongmao,dc=eu'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('login','attr','uid');
$servers->setValue('login','base',array('ou=people,dc=dev,dc=daxiongmao,dc=eu'));
$servers->setValue('server','read_only',false);
!! Adjust to your own LDAP settings !!
Reload apache2 configuration
service apache2 reload
Improve security
Alias name
For better security you should not use /phpldapadmin but something else.
Edit configuration file:
vim /etc/phpldapadmin/apache.confAdjust
# Define /phpldapadmin alias, this is the default
<IfModule mod_alias.c>
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
</IfModule>Replace phpldapadmin by your own value. For instance: ldapmanager
Apache access restrictions
Access service
Then you can access Ldap Account Manager on: http://myServer/phpldapadmin
Login
Login using Admin password
Login user: cn=admin,{ldap DN}
Basic configuration
Create Organizational Units
- Create a child entry
- Generic organizational unit [ou=]
Create:
- people
- groups
Create Groups
Then, create 2 groups called “administrators” & “users”
- Click on ou=groups
- Create a child entry
- Create a generic posix group [cn=]
Create:
- administrators
- users
Create Users
- Create some users
- Click on ou=people
- Create a child entry
- Create a generic User Account [ua=]
