Project

General

Profile

Feature #758

Updated by Daniel Curtis about 8 years ago

This is a guide on how to setup LDAP authentication for users on Piwik. The LDAP server is OpenLDAP on FreeBSD 9, but should work on any LDAP server. 

 h2. Prepare the Environment 

 * Make sure php56-ldap is installed: 
 <pre> 
 pkg install php56-ldap 
 </pre> 

 * And restart php-fpm to load the PHP LDAP extension: 
 <pre> 
 service php-fpm restart 
 </pre> 

 h2. Populate the LDAP Server 

 * Create the People Organizational Unit ldif file: 
 <pre> 
 vi ~/people-ou.ldif 
 </pre> 
 #* And add the following: 
 <pre> 
 dn: ou=People,dc=example,dc=com 
 objectclass: organizationalUnit 
 ou: People 
 </pre> 

 * Import the People OU file into the server: 
 <pre> 
 ldapadd -D "cn=Manager,dc=example,dc=com" -W -f ~/people-ou.ldif 
 </pre> 

 * Create the bob user ldif file: 
 <pre> 
 vi ~/bob.ldif 
 </pre> 
 #* And add the following: 
 <pre> 
 dn: cn=Bob Guy,ou=People,dc=example,dc=com Guy,ou=People,dc=gnetsolutions,dc=net 
 cn: Bob Guy 
 givenname: Bob 
 initials: BG 
 mail: bob@example.com 
 objectclass: inetOrgPerson 
 objectclass: organizationalPerson 
 objectclass: person 
 sn: Guy 
 uid: bob 
 userpassword: {MD5}X03MO1qnZdYdgyfeuILPmQ== 
 </pre> 
 #* *NOTE*: The password for bob is *password*. 

 h2. Setup LDAP Authentication 

 * Open a web browser and log into as the piwik administrator at http://piwik.example.com 

 * Next click on +Administration -> Marketplace+. 

 * Search for *LoginLdap* and +Install+ the plugin. 

 * Then click on +Administration -> LDAP+. 

 * Scroll down to the *LDAP Servers* section and enter the LDAP server information: 
 #* Server URL: *ldap.example.com* 
 #* Server Port: *389* 
 #* Base DN: *dc=example,dc=com* 
 #* LDAP Bind Username: *cn=Manager,dc=example,dc=com* 
 #* LDAP Password: *SuperSecretPassword* 

 h2. Resources 

 * https://plugins.piwik.org/LoginLdap 
 * https://github.com/piwik/plugin-LoginLdap/

Back