There is a drupal module called 'ldap' which gives authentication and authorization functions from LDAP into drupal. Project home page: http://drupal.org/project/ldap * Install as per instructions. * Configuration: * First activate 'LDAP Servers' and configure that module. ''UHL settings:'' * LDAP server type: Active Directory * LDAP server: ldaplookups.xuhl-tr.nhs.uk * Port: 389 * Service Account Bind (use service account credentials previously supplied by IM&T) * Base DN: DC=xuhl-tr,DC=nhs,DC=uk * AuthName: sAMAccountName * Email attribute: mail * Subsequently activate 'LDAP authentication' * Only LDAP authentication allowed except user 1 * 'Allow Only' Text Test: OU=Cardiology (restricts logon to Cardiology dept staff * Existing User Account conflict: associate local account with the LDAP entry * Account creation : Create accounts automatically for LDAP authenticated users * Email behaviour: Show disabled email field on user forms. * Email update: Update if differs and notify user. * Next, 'LDAP authorization' and 'LDAP authorization - drupal roles' * Strategy II.B. - drupal roles are specified by LDAP attributes * Attribute name: memberOf * Mapping to drupal role: CN=BRICCS MRBS,OU=MRBS,OU=Apps,DC=xuhl-tr,DC=nhs,DC=uk|LCBRU staff * Use LDAP group to drupal roles filtering * Grant / revoke when user logs on * IV.C all three options ticked * Also activate 'LDAP help'. No configuration required. == Notes == There is an option for seamless or Single Sign On, but currently that is outside the scope of the BRICCS deployment.