-
Notifications
You must be signed in to change notification settings - Fork 54
Setting up LDAP authentication
Install open ldap "slapd" and ldap-utils:
$ apt-get install slapd ldap-utils
When prompted for the ldap admin password, keep in mind that this is required to set up LDAP access. If you happen to lose the password, or if want to reset it, simply use:
$ dpkg-reconfigure slapd
The ldap database has to be set up and this is done by a Python script inlcuded with the mcstas simulator app. Go to the directory .../McWeb/ldifs/ and run:
$ python ldap_initdb.py <dn> <pw>
where dn is the ldap "distinguished name" and pw is the ldap admin password. The ldap dn runs along the lines of dc=fysik,dc=dtu,dc=dk. To identify the ldap dn, run (with root access):
$ slapcat | more
This command outputs the ldap database, and the top line contains the dn that you need.
Now, you can add users to the ldap database by first creating a text file (csv) and putting user data in it. This must have the format of username, password, simgroup1, ... and then a newline. The "..." denotes that you can add the user to multiple simgroups. Now run this command:
$ python ldap_addusers <dn> <pw> <user-file.csv>
They utility will simultaneously add users to the appropriate simulation groups.
-
In the file .../McWeb/mcwww/settings.py, change the value of
AUTH_LDAP_USER_SEARCHto conform to your ldap dn (the one you identified above). -
Notice the variable
AUTHENTICATION_BACKENDSin the same file (settings.py). This contains two lines, one of which is out-commented. This should be the django model backend, and not the ldap backend. Please make sure the django model backend is disabled.