Drupal HowTo Configure LDAP

Version 2 (modified by Nick Holden, 12 years ago)

The Drupal module 'ldap' provides LDAP-based authentication and authorization for Drupal.

Project home page: http://drupal.org/project/ldap

  • Install as per instructions.
  • Configuration (UHL settings):
      • First activate 'LDAP Servers' and configure that module:
          • LDAP server type: Active Directory
          • LDAP server: ldaplookups.xuhl-tr.nhs.uk
          • Port: 389
          • Service Account Bind (use service account credentials previously supplied by IM&T)
          • Base DN: DC=xuhl-tr,DC=nhs,DC=uk
          • Email attribute: mail
      • Subsequently activate 'LDAP authentication':
          • Only LDAP authentication allowed except user 1
          • 'Allow Only' Text Test: OU=Cardiology (restricts logon to Cardiology dept staff)
          • Existing User Account conflict: associate local account with the LDAP entry
          • Account creation: Create accounts automatically for LDAP authenticated users
          • Email behaviour: Show disabled email field on user forms.
          • Email update: Update if differs and notify user.
      • Next, 'LDAP authorization' and 'LDAP authorization - drupal roles':
          • Strategy II.B. - drupal roles are specified by LDAP attributes
          • Attribute name: memberOf
          • Mapping to drupal role: CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff
          • Use LDAP group to drupal roles filtering
          • Grant / revoke when user logs on
          • IV.C all three options ticked
      • Also activate 'LDAP help'.
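
The logon decision these settings describe can be modelled offline to predict what a given directory entry will receive. This is an added example, not part of the original page and not the ldap module's own code. It assumes the 'Allow Only' test is a case-insensitive substring match on the user's DN and that memberOf group DNs are compared case-insensitively; the function names and sample entries are constructed for illustration.

```python
# Added example: models the logon decision configured above; not the module's code.
# Assumptions: 'Allow Only' is a case-insensitive substring match on the user's DN;
# group DNs compare case-insensitively; DNs contain no escaped commas.

ALLOW_ONLY = ["OU=Cardiology"]
ROLE_MAPPINGS = "CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff"


def normalize_dn(dn):
    """Lower-case a DN (or DN fragment) and drop whitespace around ',' and '='."""
    parts = []
    for rdn in dn.split(","):
        attr, sep, value = rdn.partition("=")
        parts.append(attr.strip().lower() + sep + value.strip().lower())
    return ",".join(parts)


def parse_mappings(text):
    """Parse 'group DN|role' lines into {normalized group DN: role name}."""
    mappings = {}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        group_dn, sep, role = line.rpartition("|")
        if not (sep and group_dn.strip() and role.strip()):
            raise ValueError(f"bad mapping line: {line!r}")
        mappings[normalize_dn(group_dn)] = role.strip()
    return mappings


def evaluate_logon(user_dn, member_of, allow_only=ALLOW_ONLY, mappings=ROLE_MAPPINGS):
    """Return (allowed, roles); groups with no mapping line never become roles."""
    dn = normalize_dn(user_dn)
    if not any(normalize_dn(text) in dn for text in allow_only):
        return False, set()
    table = parse_mappings(mappings)
    return True, {table[g] for g in map(normalize_dn, member_of) if g in table}


BASE = "DC=xuhl-tr,DC=nhs,DC=uk"
MRBS = "cn=briccs mrbs, ou=MRBS, ou=Apps, dc=xuhl-tr, dc=nhs, dc=uk"  # same group, other case
SAMPLES = {  # constructed entries, not real accounts
    "member": (f"CN=Test Nurse,OU=Cardiology,{BASE}", [MRBS, f"CN=Other,{BASE}"]),
    "removed": (f"CN=Test Nurse,OU=Cardiology,{BASE}", [f"CN=Other,{BASE}"]),
    "other_dept": (f"CN=Test Clerk,OU=Finance,{BASE}", [MRBS]),
    "similar_ou": (f"CN=Test Temp,OU=Cardiology Agency,{BASE}", []),
}

if __name__ == "__main__":
    for name, (dn, groups) in SAMPLES.items():
        print(name, evaluate_logon(dn, groups))
```

Under the substring assumption the 'similar_ou' entry passes the text test, so it is worth checking the OUs under the Base DN for names that contain the test text. The 'removed' entry shows the effect of 'Grant / revoke when user logs on': the account can still log on but no longer holds the role.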

Notes

There is an option for seamless or Single Sign On, but currently that is outside the scope of the BRICCS deployment.
