禅道开源版添加openldap认证

时间:2022-05-21 19:20:28

注:现在添加的认证只是基于ldap密码验证,需要在禅道系统里面有对应的用户名,否则登陆不成功。

基于http://www.zentao.net/extension-viewext-25.html提供的插件修改。

  1. 管理员登陆禅道后台》扩展》添加ldap插件

  2. 修改插件里面ldapserver验证文件。

module/user/ext/config/ldap.php

 

$config->ldap->ldap_server                      =  'ldap://ldap.example.com:389/';

/**

 * The LDAP Protocol Version, if 0, then the  protocol version is not set.  For  Active Directory use version 3.

 */

$config->ldap->ldap_protocol_version             = 3;

/**

 * Determines whether the LDAP library  automatically follows referrals returned by LDAP servers or not.

 * This maps to LDAP_OPT_REFERRALS ldap library  option.  For Active Directory, this  should be set to OFF.

 */

$config->ldap->ldap_follow_referrals              = 1;        //1 ON, 0 OFF

$config->ldap->ldap_root_dn                    =  'ou=www,dc=abc,dc=com';  

$config->ldap->ldap_uid_field                   = 'uid';                         //修改为uid or cn Use  'sAMAccountName' for Active Directory

$config->ldap->ldap_bind_dn                    =  'CN=admin,OU=admin,DC=abc,DC=com';

$config->ldap->ldap_bind_passwd                    = 'abcdef';

/**

这一行需要注释掉

* Search filter for acitve person  only, !(userAccountControl:1.2.840.113556.1.4.803:=2) means active user in AD

*/

#$config->ldap->ldap_organization               =  '(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))';

3.  这样就可以在禅道里面使用ldap用户密码登陆