Rhyous

November 25, 2009

How to configure dotProject 2.1.2 to authenticate using Active Directory’s LDAP?

Filed under: FreeBSD — J. Abram barneck @ 12:40 am
Tags: , ,

So previously I released the following post:
How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server?

Now I am following up as promised with how to integrate this with Active Directory and AD’s LDAP. You need to know your LDAP Active Directory info. If you don’t, you need to get it. Or else maybe your domain is generic enough that looking at my examples will get you there.

  1. Log in to dotProject.
  2. Click on System Admin | Default User Preferences.

    We will make changes to the following sections:

    • User Authentication Settings
    • LDAP Settings

    These section are show in this screen shot. After this screen shot instructions on configuring these sections are provided.

  3. Scroll to the section called User Authentication Settings.
  4. Change the User Authentication Method setting to LDAP.
  5. Configure the LDAP Settings section.
    1. For LDAP Host, Enter the IP address of your Active Directory server.
    2. Do not change the LDAP Port or LDAP Version settings.
    3. On a default Active Directory installation, set the LDAP Base DN to the following:
      CN=Users,DC=YourDomain,DC=tld

      For example, the lab I am demoing this with is LD.Lab so it would be this:

      CN=Users,DC=ld,DC=lab
    4. For LDAP User Filter enter the following:
      (sAMAccountName=%USERNAME%)
    5. For the LDAP Search User, enter a domain user:
      CN=John Doe,CN=Users,DC=ld,DC=lab

      SUGGESTION: Create a service account on the domain with a really intense password and almost no rights, except of course the right to search LDAP so it can be an LDAP Search User.

    6. Obviously for the LDAP Search User Password, enter the password for the LDAP Search User.

      IMPORTANT! You must update this password here when the user’s changes in Active Directory (sorry for the “No duh” moment but it had to be said).

  6. Scroll down and on the bottom right of the Default User Preferences page, click Save.

Go ahead and try to login as a Domain User.

Note On Changing Permissions
Domain Users may appear to get the Administrator role, but this is not really the case. They only get the Anonymous role when they first login. See my forum post here:
How to make an LDAP user an administrator?

Also, it appears that if you want all users who login to get more permissions, then edit the Anonymous role or modify every user individually. (Yeah, so the project needs some features in this area…maybe you want to become a contributor and develop it yourself?)


Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.

Advertisements

2 Comments »

  1. […] Check out my new update to this: How to configure dotProject 2.1.2 to authenticate using Active Directory’s LDAP? Possibly related posts: (automatically generated)How to install MySQL on FreeBSD 7.2 or on Red Hat […]

    Pingback by How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server? « Rhyous's 127.0.0.1 or ::1 — January 19, 2010 @ 12:48 pm | Reply

  2. […] la guia oficial de instalación de dotproject que la encuentras aquí, una ves instalado seguí esta guia para autentificar conta ActiveDitectory… Al final obtuve una herramienta opensource que […]

    Pingback by dotProject autentificado contra Active Directory « David Cancino Blog — January 28, 2010 @ 9:19 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: