如何配置LimeSurvey的LDAP?
- By : Will
- Category : Linux基础
- Tags: LDAP, limesurvey
1 前言
LDAP无疑是企业化的利器,本章将实践如何配置LimeSurver的LDAP环境。
2 最佳实践
2.1 环境配置
本章的实践以LimeSurvey的部署就绪为前提条件,如果你尚未部署环境,请参阅以下链接部署,
https://www.cmdschool.org/archives/5120
本章所使用的LDAP为389 DS服务,如果你需要此环境,请参阅以下链接部署,
https://www.cmdschool.org/archives/5307
2.2 配置LDAP
2.2.1 开启LDAP
cp /var/www/limesurvey/application/config/config.php /var/www/limesurvey/application/config/config.php.default vim /var/www/limesurvey/application/config/config.php
启用如下参数,
'config'=>array( 'debug'=>0, 'debugsql'=>0, 'enableLdap'=>true, )
2.2.2 定义LDAP连接
cp /var/www/limesurvey/application/config/ldap.php /var/www/limesurvey/application/config/ldap.php.default vim /var/www/limesurvey/application/config/ldap.php
启用如下参数,
<?php $serverId = 0; $ldap_server[$serverId]['server'] = "10.168.0.155"; $ldap_server[$serverId]['port'] = "389"; $ldap_server[$serverId]['protoversion'] = "ldapv3"; $ldap_server[$serverId]['encrypt'] = "none"; $ldap_server[$serverId]['referrals'] = false; $ldap_server[$serverId]['binddn'] = "cn=directory manager"; $ldap_server[$serverId]['bindpw'] = "directory manager passsword"; $query_id = 0; $ldap_queries[$query_id]['ldapServerId'] = 0; $ldap_queries[$query_id]['name'] = 'All Account Of Staff'; $ldap_queries[$query_id]['userbase'] = 'ou=people,dc=cmdschool,dc=org'; $ldap_queries[$query_id]['userfilter'] = '(objectClass=inetOrgPerson)'; $ldap_queries[$query_id]['userscope'] = 'sub'; $ldap_queries[$query_id]['firstname_attr'] = 'givenname'; $ldap_queries[$query_id]['lastname_attr'] = 'sn'; $ldap_queries[$query_id]['email_attr'] = 'mail'; $ldap_queries[$query_id]['token_attr'] = ''; // Leave empty for Auto Token generation bu phpsv $ldap_queries[$query_id]['language'] = ''; $ldap_queries[$query_id]['attr1'] = ''; $ldap_queries[$query_id]['attr2'] = ''; return array('ldap_server' => $ldap_server, 'ldap_queries' => $ldap_queries);
注:以上主要使用“userfilter”参数进行用户筛选,你可以按照如下范例测试你的表达式,
ldapsearch -x -h 10.168.0.155 -p 389 -W -b "dc=cmdschool,dc=org" "(objectClass=inetOrgPerson)"
另外,关于更加复杂的查询,请参阅如下链接,
https://www.cmdschool.org/archives/1294
2.3 测试LDAP
2.3.1 创建调查
单击【Surveys】->【Create a new survey】创建一个调查问卷(由于只用于测试LDAP,详细步骤省略)
2.3.2 测试LdAP
假设你上一个步骤创建了一个“Title”为“www.cmdschool.org”的调查问卷
单击【Surveys】->【www.cmdschool.org】->【Survey Participants】
如上图所示:
单击【Create】->【LDAP query】
窗口显示如下,
如上图所示:
单击【Upload】
窗口显示如下则成功,
参阅文档
========================
https://github.com/LimeSurvey/LimeSurvey
https://manual.limesurvey.org/Authentication_plugins#LDAP
https://manual.limesurvey.org/LDAP_settings
https://www.limesurvey.org/forum/plugins/115183-ldap-authentication-plugin-test
https://www.limesurvey.org/forum/plugins/95966-settings-for-plugin-authldap-help-me?start=0
没有评论