[LON-CAPA-admin] Confirm self creation of user accounts
Christian Knieling
knieling at kit.edu
Tue Mar 19 12:22:22 EDT 2013
Hi Sebastian,
I personally use almost the following lines in the file
/home/httpd/lib/perl/localauth.pm to authenticate users against my LDAP
service:
# ----START LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
use strict;
use Net::LDAP;
use Net::LDAPS;

sub localauth {
    my ($username,$password,$optional_argument,$domain) = @_;
    my $ldap_uri = 'ldaps://full.qualified.hostname';
    my $ldap_base = 'ou=users,dc=2ndleveldomain,dc=topleveldomain';
    # the user's own DN is used for the bind, no separate bind user
    my $ldap_dn = "cn=$username,$ldap_base";
    # certificate is required if you wish to encrypt the password.
    # e.g., /home/http/perl/lib/local/ldap.certificate
    my $ldap = Net::LDAPS->new(
        $ldap_uri,
        # 'require' -> a certificate is needed,
        # 'none' -> if no certificate used
        # (with 'none' the server certificate is not checked)
        verify => 'none',
        #clientcert => '/path/to/cert.crt',
        #clientkey => '/path/to/key.key',
        #cafile => '/path/to/ca.crt'
    );
    # -2: no connection to the LDAP server
    if (!(defined($ldap))) {
        return -2;
    }
    # simple bind as the user; a non-zero result code means the bind failed
    my $mesg = $ldap->bind ($ldap_dn, password => $password);
    if ($mesg->code) {
        $ldap->unbind;
        $ldap->disconnect;
        return -1;
    }
    # 1: bind accepted, user authenticated
    return 1;
}
# ----END LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
Hope this helps.
Greetings
CK
> Hi Stuart,
>
> I am struggling right now with the LDAP configuration. Perhaps you can give me a hand?
> My current settings are:
>
> my $ldap_host_name = 'ldaps://*****.fh-hannover.de';
> my $ldap_ca_file_name = '';
> my $ldap_search_string = '(cn='.$username.')';
> my $ldap_dn = '';
> my $ldap_bind_password = '';
> my $ldap_search_base = 'o=fh-hannover';
>
> But this is not working. Is one requirement for LC to have a bind user and a password? Because my admin told me for authentication reasons a bind user is not required.
>
> Best regards
> Sebastian
>
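
Added example, not part of the original message or of LON-CAPA: a variant of the localauth routine above with the server certificate verified, empty passwords rejected before the bind, and the username escaped in the DN. The hostname, base DN and CA file path are placeholders, build_bind_dn is a hypothetical helper, and the return codes follow the posted code.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_dn_value);

# Assumed values: host, base DN and CA path are placeholders, not from the thread.
my $LDAP_URI  = 'ldaps://full.qualified.hostname';
my $LDAP_BASE = 'ou=users,dc=2ndleveldomain,dc=topleveldomain';
my $CA_FILE   = '/path/to/ca.crt';

# Hypothetical helper: build the bind DN with the username escaped per
# RFC 4514, so characters such as ',' '+' or '=' cannot alter the DN.
sub build_bind_dn {
    my ($username, $base) = @_;
    return 'cn=' . escape_dn_value($username) . ',' . $base;
}

sub localauth {
    my ($username, $password, $optional_argument, $domain) = @_;

    # A simple bind with a DN and an empty password is an "unauthenticated
    # bind" (RFC 4513 section 5.1.2); servers that allow it answer success.
    return -1 unless defined($username) && length($username);
    return -1 unless defined($password) && length($password);

    my $ldap = Net::LDAP->new(
        $LDAP_URI,
        verify  => 'require',   # refuse a server certificate that does not validate
        cafile  => $CA_FILE,    # CA that signed the LDAP server certificate
        timeout => 10,
    );
    return -2 unless defined $ldap;   # -2: no connection, as in the posted code

    my $mesg = $ldap->bind(build_bind_dn($username, $LDAP_BASE),
                           password => $password);
    my $ok = !$mesg->code;            # result code 0 means the bind succeeded

    $ldap->unbind;                    # close the session on success and on failure
    return $ok ? 1 : -1;
}

1;
```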