phpLDAPadmin
Presentation
phpLDAPadmin is an LDAP administration tool written in PHP. See http://phpldapadmin.sourceforge.net/ for more informations.Simple integration
This integration is easy: phpLDAPadmin will connect to the directory with a static DN and password, and so will not request authentication anymore. The access to phpLDAPadmin will be protected by LemonLDAP::NG with specific access rules. Warning: phpLDAPadmin will have no idea of the user connected to the WebSSO. So a simple user can have admin rights on the LDAP directory if your access rules are too lazy.phpLDAPadmin configuration
Just set the authentication type to 'config' and indicate DN and password inside the file config.php:$ldapservers->SetValue($i,'server','auth_type','config'); $ldapservers->SetValue($i,'login','dn','cn=Manager,dc=example,dc=com'); $ldapservers->SetValue($i,'login','pass','secret');
Apache configuration
We recommend to create a virtualhost for phpLDAPadmin (eg. http://pla.example.com). Then configure this virtualhost in your existing Apache configuration:# The following lines must be set once for all virtualhosts NameVirtualHost *
PerlRequire /opt/lemonldap-ng/handler/Handler.pm PerlOptions +GlobalRequest <Files ~ ".(pl)$"> SetHandler perl-script PerlHandler ModPerl::Registry PerlSendHeader On </Files>
# Define here all protected virtualhosts
<VirtualHost *> ServerName pla.example.com ServerSignature Off
DocumentRoot /opt/phpldapadmin DirectoryIndex index.php
PerlHeaderParserHandler Handler
<Location /refresh> PerlHeaderParserHandler Handler->refresh </Location>
LogLevel warn ErrorLog /var/log/httpd/phpldapadmin-error.log CustomLog /var/log/httpd/phphldapadmin-access.log combined </VirtualHost>
LemonLDAP::NG configuration
Go to the manager and create a new virtual host:
pla.example.com
Then create the access rule. Some examples:
default => accept
default => $groups ~= \badmin\b
Remove all HTTP_HEADERS, because they are not used!
Complex integration
This is a feature request: https://sourceforge.net/tracker/index.php?func=detail&aid=2073323&group_id=61828&atid=498549