LDAP Authentication

If you will use LDAP support feature, you have to activate additional PHP extension − ldap.

LDAP_ENABLED

LDAP server usage status. Possible values are:

• 0 - LDAP server usage is disabled
• 1 - LDAP server usage is enabled

(all the options below are ignored when LDAP server usage is 0)

LDAP_HOST

Address of LDAP server. Both IP or DNS-name are fine.

LDAP_PORT

Port number of LDAP server. The default numbers are 389 for LDAP and 636 for LDAPS.

LDAP_USE_TLS

Whether to use TLS in connection. Possible values are:

• 0 - TLS is disabled
• 1 - TLS is enabled

LDAP_BASEDN

Base DN is used to search in Active Directory. You can specify several Base DNs, separated by semicolon, for example:

OU=unit1,DC=example,DC=com; OU=unit2,DC=example,DC=com

LDAP_USERNAME / LDAP_PASSWORD

These values should be empty if your LDAP server allows anonymous access. Otherwise they should contain valid credentials of existing LDAP account with permissions to search.

LDAP_ATTR_LOGIN

This is a name of LDAP attribute that should be used to looking for user's account name when user is trying to log on (it's 'uid' on some LDAP servers).

LDAP_ATTR_FULLNAME

This is a name of LDAP attribute that should be used to looking for user's full name.

LDAP_ATTR_EMAIL

This is a name of LDAP attribute that should be used to looking for user's email address.

LDAP_ENUMERATION

Enable enumeration of LDAP users. On LDAP servers with huge amount of records it could cause generation of large HTML pages and significant delays in execution, when enabled. Possible values are:

• 0 - do not enumerate LDAP users
• 1 - enumerate LDAP users

See also 'LDAP Support' chapter.

LDAP_ADMINS

List of LDAP accounts which have administrator rights in eTraxis (comma-separated). See also 'LDAP Support' chapter.

---

Last update: 2009-09-25

Copyright © 2006-2010 by Artem Rodygin