meta data for this page
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
ldap:openldap [2018/07/31 09:36] – niziak | ldap:openldap [2018/08/01 12:05] (current) – niziak | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Utils ====== | ||
+ | * OpenLDAP + phpLDAPAdmin Docker | ||
+ | * Tags: [[https:// | ||
+ | * Latest release: 1.2.1 - OpenLDAP 2.4.44 | ||
+ | * Readme: | ||
+ | * [[https:// | ||
+ | * OpenLDAP Backup [[https:// | ||
+ | * [[http:// | ||
* LDAP Account Manager | * LDAP Account Manager | ||
- | *Docker: https:// | + | * Docker: https:// |
+ | * <code bash> | ||
+ | * goto **LAM configuration** / **Edit general settings**, login with default password **lam** and Change master password. Then go back and still with password lam go to Edit server profiles to setup your OpenLDAP | ||
+ | * user: Manager, password: lam | ||
====== cn=config ====== | ====== cn=config ====== | ||
Line 13: | Line 24: | ||
* access by " | * access by " | ||
* default password " | * default password " | ||
+ | * **BaseDN: ' | ||
+ | |||
+ | ===== ACL ===== | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | Order matters in ACL rules. LDAP will stop looking on the first match. So new acl entries should be inserted before default ones. | ||
+ | |||
+ | Default entries: | ||
+ | < | ||
+ | olcAccess: {0}to attrs=userPassword, | ||
+ | olcAccess: {1}to * by self read by dn=" | ||
+ | </ | ||
+ | * olcAccess: {0}to attrs=userPassword, | ||
+ | * by self write | ||
+ | * by dn=" | ||
+ | * by anonymous auth | ||
+ | * by * none | ||
+ | * olcAccess: {1}to * | ||
+ | * by self read | ||
+ | * by dn=" | ||
+ | * by * none | ||
+ | |||
+ | |||
+ | |||
+ | Giving user: **uid=nextcloudsystemuser, | ||
+ | * Entry to edit: **olcDatabase={1}mdb, | ||
+ | * Attribute to add: **olcAccess** | ||
+ | * to by dn.exact=" | ||
+ | |||
+ | |||
+ | ==== Examples ==== | ||
+ | |||
+ | |||
+ | < | ||
+ | |||
+ | * Give user access to modify photo: < | ||