Feature #756

Updated by Daniel Curtis about 8 years ago

This is a guide on how to set up LDAP authentication for users on ownCloud. The LDAP server is OpenLDAP on FreeBSD 9, but the steps should work on any LDAP server.

 h2. Populate the LDAP Server 

 * Create the People Organizational Unit ldif file: 
 <pre> 
 vi ~/people-ou.ldif 
 </pre> 
 #* And add the following: 
 <pre> 
 dn: ou=People,dc=example,dc=com 
 objectclass: organizationalUnit 
 ou: People 
 </pre> 

 * Import the People OU file into the server: 
 <pre> 
 ldapadd -D "cn=Manager,dc=example,dc=com" -W -f ~/people-ou.ldif 
 </pre> 

 * Create the bob user ldif file: 
 <pre> 
 vi ~/bob.ldif 
 </pre> 
 #* And add the following: 
 <pre> 
 dn: cn=Bob Guy,ou=People,dc=example,dc=com
 cn: Bob Guy 
 givenname: Bob 
 initials: BG 
 mail: bob@example.com 
 objectclass: inetOrgPerson 
 objectclass: organizationalPerson 
 objectclass: person 
 sn: Guy 
 uid: bob 
 userpassword: {MD5}X03MO1qnZdYdgyfeuILPmQ== 
 </pre> 
 #* *NOTE*: The password for bob is *password*. 
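
The @userpassword@ value in bob.ldif is an unsalted MD5 digest, so every account with the same password stores the same string. The following added example (not part of the original guide) checks that value against the stated password and builds a salted {SSHA} value, a scheme OpenLDAP accepts, for the same attribute. The function names are hypothetical helpers written for this illustration.

```python
import base64
import hashlib
import hmac
import os

# Value copied from bob.ldif above.
PAGE_VALUE = "{MD5}X03MO1qnZdYdgyfeuILPmQ=="


def split_scheme(value):
    """Split '{SCHEME}base64' into (SCHEME, raw bytes)."""
    if not value.startswith("{") or "}" not in value:
        raise ValueError("no {SCHEME} prefix; value would be stored as cleartext")
    scheme, b64 = value[1:].split("}", 1)
    return scheme.upper(), base64.b64decode(b64)


def make_ssha(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()


def verify(password, value):
    """Check a password against an {MD5} or {SSHA} userPassword value."""
    scheme, raw = split_scheme(value)
    pw = password.encode()
    if scheme == "MD5":
        return hmac.compare_digest(hashlib.md5(pw).digest(), raw)
    if scheme == "SSHA":
        digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, rest is salt
        return hmac.compare_digest(hashlib.sha1(pw + salt).digest(), digest)
    raise ValueError("unsupported scheme: " + scheme)


def is_salted(value):
    """True when the stored value carries a per-entry salt."""
    return split_scheme(value)[0] == "SSHA"


if __name__ == "__main__":
    print("page value matches 'password':", verify("password", PAGE_VALUE))
    print("page value is salted:", is_salted(PAGE_VALUE))
    print("userpassword:", make_ssha("password"))  # differs on every run
```

The generated line can replace the @userpassword@ line in bob.ldif before running @ldapadd@.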

 h2. Setup LDAP Authentication 

 *NOTE*: Make sure each LDAP user's _uid_ is set in the group's _memberUid_ attribute, or else ownCloud will not be able to match the LDAP users and groups.

 * Log into the ownCloud admin site, http://owncloud.example.com/, go to +Apps -> Apps+ and click on *Not enabled*.

 * Locate and enable *LDAP user and group backend*. 

 * Next go to +Username -> Admin+ and scroll to the LDAP section. 
 *# Host: *ldap.example.com* 
 *# Port: *389* 
 *# User DN: *cn=Manager,dc=example,dc=com* 
 *# Password: *SuperSecretPassword* 
 *# Base DN: *dc=example,dc=com* 

 * Click *Continue* and select all of the Object Classes in the Users tab. 

 * Then click *Continue* and select: 
 *# LDAP / AD Username: *[X]* 
 *# LDAP / AD Email Address: *[X]* 

 * Next click +Advanced -> Directory Settings+ and select *_memberUid_* from the Group-Member association menu.

 * Finally, enter the bob username and test whether the connection works. If it does, try logging out and logging into ownCloud as the bob user.

 h2. Resources 

 * https://doc.owncloud.org/server/8.2/admin_manual/configuration_user/user_auth_ldap.html
