I got it working with 389-ds
prereq:
BIND user and password
pkiadmin group
pkiuser group
Here are the lines I added to the files in the auth subdirectory in the
realm I use
handler.yaml
LDAPlogin:
type: Connector
label: LDAP Login for Users
description: LDAP login for users
role: User
source@: connector:auth.connector.userLDAP
raopLDAPlogin:
type: Connector
label: LDAP Login for Users
description: LDAP login for users
role: RA Operator
source@: connector:auth.connector.raopLDAP
stack.yaml
UserLDAP:
label: LDAP user Logins
handler: LDAPlogin
type: passwd
OperatorLDAP:
label: LDAP Operator Logins
handler: raopLDAPlogin
type: passwd
connector.yaml
userLDAP:
class: Connector::Builtin::Authentication::LDAP
LOCATION: ldap://<servername>
base: dc=x,dc=y
binddn: <BINDDN>
password: <BINDPASSWD>
filter: "(&(uid=[% LOGIN %])(memberOf=cn=pkiuser,<redacted>))"
raopLDAP:
class: Connector::Builtin::Authentication::LDAP
LOCATION: ldap://<servername>
base: dc=x,dc=y
binddn: <BINDDN>
password: <BINDPASSWD>
filter: "(&(uid=[% LOGIN %])(memberOf=cn=pkiadmin,<redacted>))"
On Sat, Sep 11, 2021 at 1:32 AM Martin Bartosch via OpenXPKI-users <
[email protected]> wrote:
>
> > We have used Openxpki version 3.12 in our environment. Our requirement
> is that we want to authenticate openxpki with external ldap login from
> openxpki UI. Please help us, how can we integrate external ldap users with
> openxpki, so that we can login from openxpki web UI using external ldap
> users. We don't want anonymous user login from openxpki web UI.
> >
>
> Please read the documentation and search the mailing list archive. This
> question has been covered there only recently.
>
> Martin
>
>
>
> _______________________________________________
> OpenXPKI-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
