Linux基础
1 介绍
LimeSurvey的插件主要用于从LDAP中导入用户信息,本章完成LimeSurvey的LDAP集成。
2 最佳实践
2.1 环境配置
本章的实践以LimeSurvey的部署就绪为前提条件,如果你尚未部署环境,请参阅以下链接部署,
https://www.cmdschool.org/archives/5120
本章所使用的LDAP为389 DS服务,如果你需要此环境,请参阅以下链接部署,
https://www.cmdschool.org/archives/5307
2.2 配置邮件功能
2.2.1 配置邮件参数
主界面单击【Configuration】->【Global Setings】->【Email Settings】菜单
按照下表配置参数,
| 参数 | 值 |
| Default site admin email | limesurvey@cmdschool.org |
| Administrator name | Administrator |
| Email method | SMTP |
| SMTP host | smtp.cmdschool.org |
| SMTP username | limesurvey |
| SMTP password | limesurveypassword | SMTP encryption | Off |
| SMTP debug mode | Off |
| Email batch size | 50 |
注:根据以上参数配置后,单击“Save”即可
2.2.2 测试邮件配置
由于没有提供测试界面,我们将在下一个章节测试。
2.3 配置LDAP插件
2.3.1 进入配置界面
主界面单击【Configuration】->【Setings】->【Plugin Manager】菜单
界面显示如下,
如上图所示,
单击【Activate】后单击【Configure】
2.3.2 配置LDAP连接
需要配置如下参数,
| 参数 | 值 |
| LDAP server | ldap://10.168.0.155 |
| Port number | 389 |
| LDAP version | LDAPv3 |
| Select true if referrals must be followed (use false for ActiveDirectory) | true |
| Enable Start-TLS | false |
| Select how to perform authentication | Search and bind |
| Attribute to compare to the given login can be uid, cn, mail, … | uid |
| Base DN for the user search operation. Multiple bases may be separated by a semicolon (;) | ou=people,dc=cmdschool,dc=org |
| Optional extra LDAP filter to be ANDed to the basic (searchuserattribute=username) filter. Don’t forget the outmost enclosing parentheses | leave blank |
| Optional DN of the LDAP account used to search for the end-user’s DN. An anonymous bind is performed if empty. | cn=directory manager |
| Password of the LDAP account used to search for the end-user’s DN if previoulsy set. | directory manager password |
| LDAP attribute of email address | |
| LDAP attribute of full name | cn |
| Check to make default authentication method | as you wish |
| Automatically create user if it exists in LDAP server | true |
| Grant survey creation permission to automatically created users | false |
| Optional base DN for group restriction | leave blank |
| Optional filter for group restriction | leave blank |
| Allow initial user to login via LDAP | true |
注:根据以上参数配置后,单击“Save”即可
2.3.3 测试LDAP连接
由于程序没有提供LDAP测试界面,我们借用添加管理员界面测试LDAP的配置,
主界面单击【Configuration】->【Manage Survey Administrators】
界面显示如下,
如上图所示,
单击【Add user】
界面显示如下,
如上图所示,
在“Central database”中选择“LDAP authentication”
在“Username”中输入用户的,例如“wtan”
单击“Save”即可
界面显示如下,
参阅文档
============
https://manual.limesurvey.org/LDAP_settings
没有评论