+++ /dev/null
-Authenticate a user against an LDAP directory
-Useful for Windows Active Directory and other LDAP-based organisations
-to maintain a single password across the organisation.
-Optionally authenticates only if a member of a given group in the directory.
-
-By default, the person must have registered with Friendica using the normal registration
-procedures in order to have a Friendica user record, contact, and profile.
-However, it's possible with an option to automate the creation of a Friendica basic account.
-
-Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
-ldap.conf file to the signing cert for your LDAP server.
-
-The configuration options for this module may be set in the config/addon.ini.php file
-e.g.:
-
- [ldapauth]
- // ldap hostname server - required
- ldap_server = host.example.com
- // dn to search users - required
- ldap_searchdn = ou=users,dc=example,dc=com
- // attribute to find username - required
- ldap_userattr = uid
-
- // admin dn - optional - only if ldap server dont have anonymous access
- ldap_binddn = cn=admin,dc=example,dc=com
- // admin password - optional - only if ldap server dont have anonymous access
- ldap_bindpw = password
-
- // for create Friendica account if user exist in ldap
- // required an email and a simple (beautiful) nickname on user ldap object
- // active account creation - optional - default none
- ldap_autocreateaccount = true
- // attribute to get email - optional - default : 'mail'
- ldap_autocreateaccount_emailattribute = mail
- // attribute to get nickname - optional - default : 'givenName'
- ldap_autocreateaccount_nameattribute = givenName
-
-...etc.
--- /dev/null
+Authenticate a user against an LDAP directory
+===
+
+Useful for Windows Active Directory and other LDAP-based organisations
+to maintain a single password across the organisation.
+Optionally authenticates only if a member of a given group in the directory.
+
+By default, the person must have registered with Friendica using the normal registration
+procedures in order to have a Friendica user record, contact, and profile.
+However, it's possible with an option to automate the creation of a Friendica basic account.
+
+Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
+ldap.conf file to the signing cert for your LDAP server.
+
+The configuration options for this module may be set in the `config/addon.config.php` file
+e.g.:
+
+ 'ldapauth' => [
+ // ldap hostname server - required
+ 'ldap_server' => '',
+
+ // admin dn - optional - only if ldap server dont have anonymous access
+ 'ldap_binddn' => '',
+
+ // admin password - optional - only if ldap server dont have anonymous access
+ 'ldap_bindpw' => '',
+
+ // dn to search users - required
+ 'ldap_searchdn' => '',
+
+ // attribute to find username - required
+ 'ldap_userattr' => '',
+
+ // DN of the group whose member can auth on Friendica - optional
+ 'ldap_group' => '',
+
+ // To create Friendica account if user exists in ldap
+ // Requires an email and a simple (beautiful) nickname on user ldap object
+ // active account creation - optional - default true
+ 'ldap_autocreateaccount' => true,
+
+ // attribute to get email - optional - default : 'mail'
+ 'ldap_autocreateaccount_emailattribute' => 'mail',
+
+ // attribute to get nickname - optional - default : 'givenName'
+ 'ldap_autocreateaccount_nameattribute' => 'givenName',
+ ],
+
+...etc.
--- /dev/null
+<?php
+
+// Warning: Don't change this file! It only holds the default config values for this addon.
+// Instead overwrite these config values in config/addon.config.php in your Friendica directory
+
+return [
+ 'ldapauth' => [
+ // ldap_server (String)
+ // ldap hostname server - required
+ // Example: ldap_server = host.example.com
+ 'ldap_server' => '',
+
+ // ldap_binddn (String)
+ // admin dn - optional - only if ldap server dont have anonymous access
+ // Example: ldap_binddn = cn=admin,dc=example,dc=com
+ 'ldap_binddn' => '',
+
+ // ldap_bindpw (String)
+ // admin password - optional - only if ldap server dont have anonymous access
+ 'ldap_bindpw' => '',
+
+ // ldap_searchdn (String)
+ // dn to search users - required
+ // Example: ldap_searchdn = ou=users,dc=example,dc=com
+ 'ldap_searchdn' => '',
+
+ // ldap_userattr (String)
+ // attribute to find username - required
+ // Example: ldap_userattr = uid
+ 'ldap_userattr' => '',
+
+ // ldap_group (String)
+ // DN of the group whose member can auth on Friendica - optional
+ 'ldap_group' => '',
+
+ // ldap_autocreateaccount (Boolean)
+ // To create Friendica account if user exists in ldap
+ // Requires an email and a simple (beautiful) nickname on user ldap object
+ // active account creation - optional - default true
+ 'ldap_autocreateaccount' => true,
+
+ // ldap_autocreateaccount_emailattribute (String)
+ // attribute to get email - optional - default : 'mail'
+ 'ldap_autocreateaccount_emailattribute' => 'mail',
+
+ // ldap_autocreateaccount_nameattribute (String)
+ // attribute to get nickname - optional - default : 'givenName'
+ 'ldap_autocreateaccount_nameattribute' => 'givenName',
+ ],
+];
+++ /dev/null
-<?php return <<<INI
-
-; Warning: Don't change this file! It only holds the default config values for this addon.
-; Instead overwrite these config values in config/addon.ini.php in your Friendica directory
-
-[ldapauth]
-; ldap_server (String)
-; ldap hostname server - required
-; Example: ldap_server = host.example.com
-ldap_server =
-
-; ldap_binddn (String)
-; admin dn - optional - only if ldap server dont have anonymous access
-; Example: ldap_binddn = cn=admin,dc=example,dc=com
-ldap_binddn =
-
-; ldap_bindpw (String)
-; admin password - optional - only if ldap server dont have anonymous access
-ldap_bindpw =
-
-; ldap_searchdn (String)
-; dn to search users - required
-; Example: ldap_searchdn = ou=users,dc=example,dc=com
-ldap_searchdn =
-
-; ldap_userattr (String)
-; attribute to find username - required
-; Example: ldap_userattr = uid
-ldap_userattr =
-
-; ldap_group (String)
-; DN of the group whose member can auth on Friendica - optional
-ldap_group =
-
-; ldap_autocreateaccount (Boolean)
-; for create Friendica account if user exist in ldap
-; required an email and a simple (beautiful) nickname on user ldap object
-; active account creation - optional - default none
-ldap_autocreateaccount = true
-
-; ldap_autocreateaccount_emailattribute (String)
-; attribute to get email - optional - default : 'mail'
-ldap_autocreateaccount_emailattribute = mail
-
-; ldap_autocreateaccount_nameattribute (String)
-; attribute to get nickname - optional - default : 'givenName'
-ldap_autocreateaccount_nameattribute = givenName
-
-INI;
-//Keep this line
\ No newline at end of file
* Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
* ldap.conf file to the signing cert for your LDAP server.
*
- * The configuration options for this module may be set in the config/addon.ini.php file
+ * The configuration options for this module may be set in the config/addon.config.php file
* e.g.:
*
* [ldapauth]
function ldapauth_load_config(\Friendica\App $a)
{
- $a->loadConfigFile(__DIR__. '/config/ldapauth.ini.php');
+ $a->loadConfigFile(__DIR__ . '/config/ldapauth.config.php');
}
function ldapauth_hook_authenticate($a, &$b)
https://reisub.nsupdate.info/git / friendica-addons.git / .git / commitdiff