On Jan 21, 2008 7:53 AM, jm voodoo child <[EMAIL PROTECTED]> wrote: > > > Hi Trac-Users, > > This mail deals with LDAP authentication settings, can experienced users > help me? > I don't even know how to launch tracd server in order to take account LDAP > Authentication.
Just as an aside, please refrain from making HTML posts. It made your post rather unreadable for me, especially with all the needless whitespace. > > Here are the steps I proceed and some questions It raised: > > > 1- I installed the plugin "Accountmanager" and checked it in webadmin, it's > ok. > > 2- I installed the Python LDAP module: > python-ldap-2.3.1.win32-py2.5-setup.exe in http://www.osuch.org/python-ldap > > C:\Python25\Lib\site-packages\ldap has been created, ok. > > 3- I installed tracLDAPauth module: > > - unzipped TracLDAPAuth-1.0-py2.4.zip > - renamed it in.egg > - pasted it in C:\Python25\Lib\site-packages > now I got > C:\Python25\Lib\site-packages\TracLDAPAuth-1.0-py2.4.egg > Is this install ok? So far so good. > 4) In trac Webadmin, Accounts, configuration I have : > HttpAuthStore : auth_url: > http://my remote machine which hosts trac > my remote machine hosts trac in c:\trac > What is the goal of this settings? > > How does it interact with LDAP authentification? It doesn't. Take those settings out--they're only useful for authenticating against an HTTP server. > 5) In my trac.ini I made this change : > acct_mgr.web_ui.LoginModule = disabled (disable html login > form) but I saw in docs this settings « trac.web.auth.LoginModule » > Do I have to set it to "Enabled" for Ldap authentification running? Yes, the TracLDAPAuth plugin is only relevant if you're using the form-based login. You want acct_mgr.web_ui.LoginModule = enabled and trac.web.auth.LoginModule = disabled > 6) In [trac] section of trac.ini: > What are the settings for these values when using LDAP authentication? > [trac] > > authz_file = ???? > > authz_module_name = ???? These have nothing to do with LDAP authentication. This is for authorization on an SVN repository. > 7) I added this section in trac.ini, I think it's ok, can you confirm me ? > [ldap] > > bind_dn = dc=tree,dc=ldap,ou=my,uid=%s -for a request > in the LDAP tree : my.ldap.tree- > bind_passwd = my_ldap_password_for_bind_user > bind_user = my_ldap_bind_useruser > port = 389 > server = -IP adress of my LDAP server- These options look like they mostly come from the LdapPlugin, which is different. The TracLDAPAuth plugin only seems to require two options: "server" and "bind_dn". > 8) At last: > About starting tracd standalone server in LDAP mode: > I read in mailing list that Ldap authentication use "Basicauth" so > I guessed tracd starting script > begins like: > tracd --port 8000 basic-auth=trac, password_file_path, trac c:/trac > What is the setting for password_file_path in case of Ldap authentication? Not sure where you read that. Remove the --basic-auth parameter, and thus you also don't need a password_file_path as there is no password file. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-users?hl=en -~----------~----~----~----~------~----~------~--~---
