[Xerte] LDAP

David Goodwin david at palepurple.co.uk
Thu Sep 17 10:22:15 BST 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert Stillwell wrote:
> Pat and David, thank you for your suggestions – really helpful!
> 
>  
<snip>

If you install your own LDAP server, using something like phpldapadmin
(which can be a pain to setup to start with) will make it a lot easier -
especially if you're not particularly familiar with LDAP.

In my case, I installed the slapd on Debian (the installer asks you
appropriate questions etc), then installed latest release of
phpldapadmin from sourceforge. You need to edit a config
(config/config.php) file for phpldapadmin and set at least :

 * hostname (e.g. localhost)
 * base (e.g. root of your ldap directory) (e.g. dc=palepurple,dc=co,dc=uk)
 * bind_id (i.e. cn=admin,dc=palepurple,dc=co,dc=uk)
 * search_base  (i.e. dc=palepurple,dc=co,dc=uk)

(Until I change the base, phpldapadmin is effectively useless, even if I
can login to it as it doesn't give a hierarchical tree for me to drill down)

Once there it's necessary/desirable to create an organisational unit to
hold your xerte users (e.g. ou=xerte,dc=palepurple,dc=co,dc=uk), and
also a group for them to belong to. The group is necessary (in my case)
because each posix user account I Create in the LDAP directory has a
mandatory requirement for a group.

For each user I wish to create within Xerte, I just create a posix user
account within the 'xerte' organisational unit. In real life, I suspect
you'd already have an LDAP tree full of users etc and you'd add an
appropriate flag (or group membership) to determine if they should be
allowed to access Xerte)

Finally, you get to configure Xerte during it's setup process - the
first time I did this it was a bit hit and miss - and I always seem to
end up debugging the code to discover the correct parameters... the
installers suggestion of the ldap filter field being 'uid=' should just
be 'uid' for example.

So, LDAP is by no means the easy route....

David.
- --
 David Goodwin                          Pale Purple Limited
 Office: 0845 0046746                   Mobile: 07792380669
 http://www.palepurple.co.uk            Company No: 5580814
 'Business Web Application Development and Training in PHP'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkqx/8cACgkQ/ISo3RF5V6aJHgCg1nQsF3tkjsrL9lUJUH1iT9Ex
g8UAn2AyQdNqZlGMjUI6kyvS1D/fYt+A
=H4qq
-----END PGP SIGNATURE-----

More information about the Xerte mailing list