Version 2 (modified 12 years ago)
There is a Drupal module called 'ldap' which provides LDAP-based authentication and authorization for Drupal.
Project home page: http://drupal.org/project/ldap
- Install as per instructions.
- Configuration:
  - First activate 'LDAP Servers' and configure that module. UHL settings:
    - LDAP server type: Active Directory
    - LDAP server: ldaplookups.xuhl-tr.nhs.uk
    - Port: 389
    - Service Account Bind (use service account credentials previously supplied by IM&T)
    - Base DN: DC=xuhl-tr,DC=nhs,DC=uk
    - AuthName: sAMAccountName
    - Email attribute: mail
  - Subsequently activate 'LDAP authentication'
    - Only LDAP authentication allowed except user 1
    - 'Allow Only' Text Test: OU=Cardiology (restricts logon to Cardiology dept staff)
    - Existing User Account conflict: associate local account with the LDAP entry
    - Account creation: Create accounts automatically for LDAP authenticated users
    - Email behaviour: Show disabled email field on user forms.
    - Email update: Update if differs and notify user.
  - Next, 'LDAP authorization' and 'LDAP authorization - drupal roles'
    - Strategy II.B. - drupal roles are specified by LDAP attributes
    - Attribute name: memberOf
    - Mapping to drupal role: CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff
    - Use LDAP group to drupal roles filtering
    - Grant / revoke when user logs on
    - IV.C all three options ticked
  - Also activate 'LDAP help'.
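The following added example (not part of the original page and not the ldap module's own code) dry-runs the logon and role policy configured above against constructed directory entries, so the effect of the 'Allow Only' text and the memberOf mapping can be checked before rollout. It assumes the 'Allow Only' test is a case-insensitive substring match on the user's DN and that group DNs are compared case-insensitively; the function names, sample users and the OU=Staff, OU=Renal and OU=Cardiology Contractors containers are hypothetical.

```python
# Added example: a model of the logon/role policy on this page, not module code.
ALLOW_ONLY = ["OU=Cardiology"]  # 'Allow Only' text test from the page
MAPPINGS = ["CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff"]


def parse_mappings(lines):
    """Parse 'group DN|role' lines into {lower-cased group DN: role}."""
    table = {}
    for line in lines:
        group_dn, sep, role = line.rpartition("|")
        if not sep or not group_dn.strip() or not role.strip():
            raise ValueError(f"malformed mapping: {line!r}")
        table[group_dn.strip().lower()] = role.strip()
    return table


def evaluate(entry, allow_only=ALLOW_ONLY, mappings=MAPPINGS):
    """Return (login_allowed, sorted roles) for one LDAP entry dict."""
    dn = entry["dn"].lower()
    # Assumption: logon is allowed if any 'Allow Only' text occurs in the DN.
    if not any(text.lower() in dn for text in allow_only):
        return False, []
    table = parse_mappings(mappings)
    # Group filtering: only groups present in the mapping table yield a role.
    groups = [g.lower() for g in entry.get("memberOf", [])]
    return True, sorted({table[g] for g in groups if g in table})


# Constructed sample entries (not real directory data).
SAMPLES = {
    "cardio_mrbs": {"dn": "CN=A User,OU=Cardiology,OU=Staff,DC=xuhl-tr,DC=nhs,DC=uk",
                    "memberOf": ["cn=briccs mrbs,ou=mrbs,ou=apps,dc=xuhl-tr,dc=nhs,dc=uk"]},
    "cardio_only": {"dn": "CN=B User,OU=Cardiology,OU=Staff,DC=xuhl-tr,DC=nhs,DC=uk",
                    "memberOf": ["CN=Other,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk"]},
    "other_dept": {"dn": "CN=C User,OU=Renal,OU=Staff,DC=xuhl-tr,DC=nhs,DC=uk",
                   "memberOf": ["CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk"]},
    # A substring test passes any DN containing the text, not only that exact OU.
    "lookalike_ou": {"dn": "CN=D User,OU=Cardiology Contractors,DC=xuhl-tr,DC=nhs,DC=uk",
                     "memberOf": []},
}

if __name__ == "__main__":
    for name, entry in SAMPLES.items():
        print(name, evaluate(entry))
```

Under these assumptions, a user outside the Cardiology OU is refused even when they hold the mapped group, and a Cardiology user without the group logs on with no mapped role.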
Notes
There is an option for seamless or Single Sign On, but currently that is outside the scope of the BRICCS deployment.