wiki:Drupal HowTo Configure LDAP

Version 3 (modified by Nick Holden, 12 years ago) ( diff )

--

There is a drupal module called 'ldap' which gives authentication and authorization functions from LDAP into drupal.

Project home page: http://drupal.org/project/ldap

  • Install as per instructions.
  • Configuration:
    • First activate 'LDAP Servers' and configure that module. UHL settings:
      • LDAP server type: Active Directory
      • LDAP server: ldaplookups.xuhl-tr.nhs.uk
      • Port: 389
      • Service Account Bind (use service account credentials previously supplied by IM&T)
      • Base DN: DC=xuhl-tr,DC=nhs,DC=uk
      • AuthName: sAMAccountName
      • Email attribute: mail
    • Subsequently activate 'LDAP authentication'
      • Only LDAP authentication allowed except user 1
      • 'Allow Only' Text Test: OU=Cardiology (restricts logon to Cardiology dept staff
      • Existing User Account conflict: associate local account with the LDAP entry
      • Account creation : Create accounts automatically for LDAP authenticated users
      • Email behaviour: Show disabled email field on user forms.
      • Email update: Update if differs and notify user.
    • Next, 'LDAP authorization' and 'LDAP authorization - drupal roles'
      • Strategy II.B. - drupal roles are specified by LDAP attributes
      • Attribute name: memberOf
      • Mapping to drupal role: CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff
      • Use LDAP group to drupal roles filtering
      • Grant / revoke when user logs on
      • IV.C all three options ticked
    • Also activate 'LDAP help'.

Notes

There is an option for seamless or Single Sign On, but currently that is outside the scope of the BRICCS deployment.

Note: See TracWiki for help on using the wiki.