Project

General

Profile

Feature #758

Setup LDAP Authentication for Piwik

Added by Daniel Curtis about 8 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
Start date:
02/28/2016
Due date:
% Done:

100%

Estimated time:
0.50 h
Spent time:

Description

This is a guide on how to setup LDAP authentication for users on Piwik. The LDAP server is OpenLDAP on FreeBSD 9, but should work on any LDAP server.

Prepare the Environment

  • Make sure php56-ldap is installed:
    pkg install php56-ldap
    
  • And restart php-fpm to load the PHP LDAP extension:
    service php-fpm restart
    

Populate the LDAP Server

  • Create the People Organizational Unit ldif file:
    vi ~/people-ou.ldif
    
    • And add the following:
      dn: ou=People,dc=example,dc=com
      objectclass: organizationalUnit
      ou: People
      
  • Import the People OU file into the server:
    ldapadd -D "cn=Manager,dc=example,dc=com" -W -f ~/people-ou.ldif
    
  • Create the bob user ldif file:
    vi ~/bob.ldif
    
    • And add the following:
      dn: cn=Bob Guy,ou=People,dc=example,dc=com
      cn: Bob Guy
      givenname: Bob
      initials: BG
      mail: bob@example.com
      objectclass: inetOrgPerson
      objectclass: organizationalPerson
      objectclass: person
      sn: Guy
      uid: bob
      userpassword: {MD5}X03MO1qnZdYdgyfeuILPmQ==
      
    • NOTE: The password for bob is password.

Setup LDAP Authentication

  • Next click on Administration -> Marketplace.
  • Search for LoginLdap and Install the plugin.
  • Then click on Administration -> LDAP.
  • Scroll down to the LDAP Servers section and enter the LDAP server information:
    • Server URL: ldap.example.com
    • Server Port: 389
    • Base DN: dc=example,dc=com
    • LDAP Bind Username: cn=Manager,dc=example,dc=com
    • LDAP Password: SuperSecretPassword

Resources

Also available in: Atom PDF