Thursday, September 17, 2015

OpenKM - English

OpenKM - Scanning client (Spanish)

OpenKM - Microsoft Office Addin (Spanish)

FreeNAS - Windows Active Directory Integration

Introducing Single Sign on and Active Directory Integration

LDAP and Active Directory user examples

Source
The examples described here have been shared by OpenKM users and should be used with care.

JBoss LDAP example 1

LDAP Structure
dc=fr
   dc=soc
      ou=groups
         cn=UserRole, objectClass=posixGroup, memberUid = jack, memberUid = joe
         cn=AdminRole, objectClass=posixGroup, memberUid = jack
      ou=people
         ou=intern
            cn = jack, objectClass=inetOrgperson, uid = jack
            cn = joe, objectClass=inetOrgperson, uid = joe
Configuration parameters
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
principal.database.filter.inactive.users=true
principal.ldap.mail.attribute=mail
principal.ldap.mail.search.base=ou=intern,ou=users,dc=soc,dc=fr
principal.ldap.mail.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))
principal.ldap.referral=follow
principal.ldap.role.attribute=cn
principal.ldap.role.search.base=ou=groups,dc=soc,dc=fr
principal.ldap.role.search.filter=(objectClass=posixGroup)
principal.ldap.roles.by.user.attribute=cn
principal.ldap.roles.by.user.search.base=ou=groups,dc=soc,dc=fr
principal.ldap.roles.by.user.search.filter=(memberUid={0})
principal.ldap.security.credentials=xxxxxx
principal.ldap.security.principal=cn=admin,dc=soc,dc=fr
principal.ldap.server=ldap://192.168.xxx.xxx:389
principal.ldap.user.attribute=cn
principal.ldap.user.search.base=ou=intern,ou=users,dc=soc,dc=fr
principal.ldap.user.search.filter=(objectClass=inetOrgPerson)
principal.ldap.users.by.role.attribute=memberUid
principal.ldap.users.by.role.search.base=ou=groups,dc=soc,dc=fr
principal.ldap.users.by.role.search.filter=(&(objectClass=posixGroup)(cn={0}))
system.login.lowercase=true
login-config.xml
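<application-policy name="OpenKM">
   <authentication>
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
         <module-option name="java.naming.provider.url">ldap://192.168.xxx.xxx:389</module-option>
         <module-option name="java.naming.security.authentication">simple</module-option>
         <module-option name="bindDN">cn=admin,dc=soc,dc=fr</module-option>
         <module-option name="bindCredential">******</module-option>
         <module-option name="baseCtxDN">ou=intern,ou=users,dc=soc,dc=fr</module-option>
         <module-option name="baseFilter">(uid={0})</module-option>
         <module-option name="rolesCtxDN">ou=groups,dc=soc,dc=fr</module-option>
         <module-option name="roleFilter">(memberUid={0})</module-option>
         <module-option name="roleAttributeID">cn</module-option>
         <module-option name="roleAttributeIsDN">false</module-option>
         <module-option name="roleRecursion">-1</module-option>
         <module-option name="searchScope">SUBTREE_SCOPE</module-option>
         <module-option name="allowEmptyPasswords">false</module-option>
      </login-module>
   </authentication>
</application-policy>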
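
How the two role filters from the configuration parameters above resolve against the groups in the sample LDAP structure, as an added Python illustration (not OpenKM or JBoss code). The in-memory directory, the small filter evaluator and the RFC 4515 escaping of the value substituted for {0} are assumptions of this example; it does not describe how the adapter itself is implemented.

```python
import re

GROUPS_BASE = "ou=groups,dc=soc,dc=fr"
DIRECTORY = [  # constructed entries mirroring the page's "LDAP Structure" listing
    {"dn": "cn=UserRole," + GROUPS_BASE, "objectClass": ["posixGroup"],
     "cn": ["UserRole"], "memberUid": ["jack", "joe"]},
    {"dn": "cn=AdminRole," + GROUPS_BASE, "objectClass": ["posixGroup"],
     "cn": ["AdminRole"], "memberUid": ["jack"]},
]
ROLES_BY_USER = "(memberUid={0})"  # principal.ldap.roles.by.user.search.filter
USERS_BY_ROLE = "(&(objectClass=posixGroup)(cn={0}))"  # ...users.by.role.search.filter

def escape_filter_value(value):  # RFC 4515: hex-escape filter metacharacters
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def parse(flt, pos=0):  # subset used on the page: (attr=value) and (&(...)(...))
    if flt[pos:pos + 2] == "(&":
        parts, pos = [], pos + 2
        while flt[pos:pos + 1] == "(":
            node, pos = parse(flt, pos)
            parts.append(node)
        if flt[pos:pos + 1] != ")":
            raise ValueError("unterminated AND filter")
        return ("and", parts), pos + 1
    m = re.compile(r"\(([A-Za-z0-9.-]+)=([^()]*)\)").match(flt, pos)
    if not m:
        raise ValueError("malformed filter")
    return ("eq", m.group(1), m.group(2)), m.end()

def matches(node, entry):
    if node[0] == "and":
        return all(matches(n, entry) for n in node[1])
    _, attr, value = node
    if value == "*":  # an unescaped asterisk is a presence test, not a literal
        return bool(entry.get(attr))
    want = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)
    return any(v.lower() == want.lower() for v in entry.get(attr, []))

def search(base, template, arg, attribute):
    flt = template.replace("{0}", escape_filter_value(arg))
    node, end = parse(flt)
    if end != len(flt):
        raise ValueError("trailing data after filter")
    hits = [e for e in DIRECTORY if e["dn"].endswith(base) and matches(node, e)]
    return sorted(v for e in hits for v in e.get(attribute, []))

def roles_by_user(user):  # returns cn, per principal.ldap.roles.by.user.attribute
    return search(GROUPS_BASE, ROLES_BY_USER, user, "cn")

def users_by_role(role):  # returns memberUid, per principal.ldap.users.by.role.attribute
    return search(GROUPS_BASE, USERS_BY_ROLE, role, "memberUid")
```

With the sample groups, jack resolves to both AdminRole and UserRole and joe to UserRole only; a login name made of filter metacharacters is matched as a literal string and resolves to no role.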

中國IT實驗室


http://itlab.idcquan.com/
