[Mayan EDMS: 1332] Re: Active directory, LDAP integration

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1332] Re: Active directory, LDAP integration

Victor Zele
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

CONFIDENTIALITY NOTICE: 

This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1340] Re: Active directory, LDAP integration

rosarior
Administrator
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1372] Re: Active directory, LDAP integration

Subhash Pant
Roberto,

I am adding the following code segment to local.py, with my LDAP setting. I have an older version of Mayan that has LDAP working, but looks like a few filenames have changed on the new releases.

I included the code in the local.py and ran mayan-edms.py initialsetup. However, I could not get the LDAP/AD to work. Am I missing anything?

Thanks.

On Tuesday, April 26, 2016 at 5:34:49 PM UTC-5, Roberto Rosario wrote:
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1376] Re: Active directory, LDAP integration

Victor Zele
I ran the update to 2.1.1 and my Active Director/LDAP auth is still working as expected.

Below is what I had to set in my /usr/share/mayan-edms/local.py file after PIP installing the LDAP modules with:

pip install ldap
pip install python-ldap
pip install django-auth-ldap

Victor
========================
from __future__ import absolute_import

from .base import *

import ldap
from django_auth_ldap.config import LDAPSearch

#### ----cut ---
# End of file inserted

AUTH_LDAP_SERVER_URI = "ldap://AD-Servername:389"
AUTH_LDAP_BIND_DN = 'CN=BINDUSERNAME,CN=BINDUSERCN,DC=YOURDOMAIN,DC=com'
AUTH_LDAP_BIND_PASSWORD = 'BindPassword'
AUTH_LDAP_USER_SEARCH = LDAPSearch('OU=youruserOU,DC=yourdomain,DC=com', ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)

===========================
Then run,

supervisorctl stop all
mayan-edms.py collectstatic --noinput
supervisorctl start all

On Friday, June 3, 2016 at 11:01:05 AM UTC-7, Subhash Pant wrote:
Roberto,

I am adding the following code segment to local.py, with my LDAP setting. I have an older version of Mayan that has LDAP working, but looks like a few filenames have changed on the new releases.

I included the code in the local.py and ran mayan-edms.py initialsetup. However, I could not get the LDAP/AD to work. Am I missing anything?

Thanks.

On Tuesday, April 26, 2016 at 5:34:49 PM UTC-5, Roberto Rosario wrote:
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

CONFIDENTIALITY NOTICE: 

This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1381] Re: Active directory, LDAP integration

rosarior
Administrator
I see a lot of value in including this in the documentation. Are you willing to maintain this part of the docs if included? How about adding a basic install step for a standalone OpenLDAP server?


On Tuesday, June 7, 2016 at 5:08:37 PM UTC-4, Victor Zele wrote:
I ran the update to 2.1.1 and my Active Director/LDAP auth is still working as expected.

Below is what I had to set in my /usr/share/mayan-edms/local.py file after PIP installing the LDAP modules with:

pip install ldap
pip install python-ldap
pip install django-auth-ldap

Victor
========================
from __future__ import absolute_import

from .base import *

import ldap
from django_auth_ldap.config import LDAPSearch

#### ----cut ---
# End of file inserted

AUTH_LDAP_SERVER_URI = "ldap://AD-Servername:389"
AUTH_LDAP_BIND_DN = 'CN=BINDUSERNAME,CN=BINDUSERCN,DC=YOURDOMAIN,DC=com'
AUTH_LDAP_BIND_PASSWORD = 'BindPassword'
AUTH_LDAP_USER_SEARCH = LDAPSearch('OU=youruserOU,DC=yourdomain,DC=com', ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)

===========================
Then run,

supervisorctl stop all
mayan-edms.py collectstatic --noinput
supervisorctl start all

On Friday, June 3, 2016 at 11:01:05 AM UTC-7, Subhash Pant wrote:
Roberto,

I am adding the following code segment to local.py, with my LDAP setting. I have an older version of Mayan that has LDAP working, but looks like a few filenames have changed on the new releases.

I included the code in the local.py and ran mayan-edms.py initialsetup. However, I could not get the LDAP/AD to work. Am I missing anything?

Thanks.

On Tuesday, April 26, 2016 at 5:34:49 PM UTC-5, Roberto Rosario wrote:
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

[Mayan EDMS: 1386] Re: Active directory, LDAP integration

Victor Zele
Sure.  But I find the documention build  process complex and hard to figure out.  Its easy for a novice to just post to this Google forum.  I don't use OpenLDAP just linked to our existing Corp AD.

:)

On Thursday, June 9, 2016 at 3:13:40 PM UTC-7, Roberto Rosario wrote:
I see a lot of value in including this in the documentation. Are you willing to maintain this part of the docs if included? How about adding a basic install step for a standalone OpenLDAP server?


On Tuesday, June 7, 2016 at 5:08:37 PM UTC-4, Victor Zele wrote:
I ran the update to 2.1.1 and my Active Director/LDAP auth is still working as expected.

Below is what I had to set in my /usr/share/mayan-edms/local.py file after PIP installing the LDAP modules with:

pip install ldap
pip install python-ldap
pip install django-auth-ldap

Victor
========================
from __future__ import absolute_import

from .base import *

import ldap
from django_auth_ldap.config import LDAPSearch

#### ----cut ---
# End of file inserted

AUTH_LDAP_SERVER_URI = "ldap://AD-Servername:389"
AUTH_LDAP_BIND_DN = 'CN=BINDUSERNAME,CN=BINDUSERCN,DC=YOURDOMAIN,DC=com'
AUTH_LDAP_BIND_PASSWORD = 'BindPassword'
AUTH_LDAP_USER_SEARCH = LDAPSearch('OU=youruserOU,DC=yourdomain,DC=com', ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)

===========================
Then run,

supervisorctl stop all
mayan-edms.py collectstatic --noinput
supervisorctl start all

On Friday, June 3, 2016 at 11:01:05 AM UTC-7, Subhash Pant wrote:
Roberto,

I am adding the following code segment to local.py, with my LDAP setting. I have an older version of Mayan that has LDAP working, but looks like a few filenames have changed on the new releases.

I included the code in the local.py and ran mayan-edms.py initialsetup. However, I could not get the LDAP/AD to work. Am I missing anything?

Thanks.

On Tuesday, April 26, 2016 at 5:34:49 PM UTC-5, Roberto Rosario wrote:
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

CONFIDENTIALITY NOTICE: 

This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: [Mayan EDMS: 1386] Re: Active directory, LDAP integration

rosarior
Administrator

How about switching documentation to something like http://www.mkdocs.org/? Uses markdown which simpler.

On Jun 16, 2016 6:47 PM, "Victor Zele" <[hidden email]> wrote:
Sure.  But I find the documention build  process complex and hard to figure out.  Its easy for a novice to just post to this Google forum.  I don't use OpenLDAP just linked to our existing Corp AD.

:)

On Thursday, June 9, 2016 at 3:13:40 PM UTC-7, Roberto Rosario wrote:
I see a lot of value in including this in the documentation. Are you willing to maintain this part of the docs if included? How about adding a basic install step for a standalone OpenLDAP server?


On Tuesday, June 7, 2016 at 5:08:37 PM UTC-4, Victor Zele wrote:
I ran the update to 2.1.1 and my Active Director/LDAP auth is still working as expected.

Below is what I had to set in my /usr/share/mayan-edms/local.py file after PIP installing the LDAP modules with:

pip install ldap
pip install python-ldap
pip install django-auth-ldap

Victor
========================
from __future__ import absolute_import

from .base import *

import ldap
from django_auth_ldap.config import LDAPSearch

#### ----cut ---
# End of file inserted

AUTH_LDAP_SERVER_URI = "ldap://AD-Servername:389"
AUTH_LDAP_BIND_DN = 'CN=BINDUSERNAME,CN=BINDUSERCN,DC=YOURDOMAIN,DC=com'
AUTH_LDAP_BIND_PASSWORD = 'BindPassword'
AUTH_LDAP_USER_SEARCH = LDAPSearch('OU=youruserOU,DC=yourdomain,DC=com', ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)

===========================
Then run,

supervisorctl stop all
mayan-edms.py collectstatic --noinput
supervisorctl start all

On Friday, June 3, 2016 at 11:01:05 AM UTC-7, Subhash Pant wrote:
Roberto,

I am adding the following code segment to local.py, with my LDAP setting. I have an older version of Mayan that has LDAP working, but looks like a few filenames have changed on the new releases.

I included the code in the local.py and ran mayan-edms.py initialsetup. However, I could not get the LDAP/AD to work. Am I missing anything?

Thanks.

On Tuesday, April 26, 2016 at 5:34:49 PM UTC-5, Roberto Rosario wrote:
Thank you for confirming that this still works!

On Friday, April 22, 2016 at 1:11:21 PM UTC-4, Victor Zele wrote:
I can confirm this works for 2.0.2 LDAP authentication adding to the local.py settings file.  The usable password is marked red which is correct since the password is managed in LDAP/AD.

CONFIDENTIALITY NOTICE: 

This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: [Mayan EDMS: 1390] Re: Active directory, LDAP integration

Victor Zele
I can try that if you think its easier.

On Thursday, June 16, 2016 at 4:10:28 PM UTC-7, Roberto Rosario wrote:

How about switching documentation to something like <a href="http://www.mkdocs.org/" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fwww.mkdocs.org%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFoHWOztIadg1QLJ8TX89nM38-UNg&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fwww.mkdocs.org%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFoHWOztIadg1QLJ8TX89nM38-UNg&#39;;return true;">http://www.mkdocs.org/? Uses markdown which simpler.

On Jun 16, 2016 6:47 PM, "Victor Zele" <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="sAKVhnDxAgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">victo...@...> wrote:
Sure.  But I find the documention build  process complex and hard to figure out.  Its easy for a novice to just post to this Google forum.  I don't use OpenLDAP just linked to our existing Corp AD.

:)

On Thursday, June 9, 2016 at 3:13:40 PM UTC-7, Roberto Rosario wrote:
I see a lot of value in including this in the documentation. Are you willing to maintain this part of the docs if included? How about adding a basic install step for a standalone OpenLDAP server?

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="sAKVhnDxAgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">mayan-edms+...@googlegroups.com.
For more options, visit <a href="https://groups.google.com/d/optout" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://groups.google.com/d/optout&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/optout&#39;;return true;">https://groups.google.com/d/optout.

CONFIDENTIALITY NOTICE: 

This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: [Mayan EDMS: 1405] Re: Active directory, LDAP integration

rosarior
Administrator
I gave it a try and it has too many shortcomings. Retaining the current custom setup of Sphinx for the time being.

On Wednesday, June 22, 2016 at 4:51:49 PM UTC-4, Victor Zele wrote:
I can try that if you think its easier.

On Thursday, June 16, 2016 at 4:10:28 PM UTC-7, Roberto Rosario wrote:

How about switching documentation to something like <a href="http://www.mkdocs.org/" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fwww.mkdocs.org%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFoHWOztIadg1QLJ8TX89nM38-UNg&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fwww.mkdocs.org%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFoHWOztIadg1QLJ8TX89nM38-UNg&#39;;return true;">http://www.mkdocs.org/? Uses markdown which simpler.

On Jun 16, 2016 6:47 PM, "Victor Zele" <[hidden email]> wrote:
Sure.  But I find the documention build  process complex and hard to figure out.  Its easy for a novice to just post to this Google forum.  I don't use OpenLDAP just linked to our existing Corp AD.

:)

On Thursday, June 9, 2016 at 3:13:40 PM UTC-7, Roberto Rosario wrote:
I see a lot of value in including this in the documentation. Are you willing to maintain this part of the docs if included? How about adding a basic install step for a standalone OpenLDAP server?

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mayan-edms+...@googlegroups.com.
For more options, visit <a href="https://groups.google.com/d/optout" rel="nofollow" target="_blank" onmousedown="this.href=&#39;https://groups.google.com/d/optout&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/optout&#39;;return true;">https://groups.google.com/d/optout.

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: [Mayan EDMS: 2108] Re: Active directory, LDAP integration

concasau
In reply to this post by Victor Zele
Hi all,

I am using Mayan EDMS through Docker, how can and where I configure and
enable LDAP function on.

Thanks all,

Joe Nguyen



--
Sent from: http://mayan-edms.1003.x6.nabble.com/

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: [Mayan EDMS: 2110] Re: Active directory, LDAP integration

rosarior
Administrator
We are working on it: https://gitlab.com/mayan-edms/mayan-edms-docker/issues/16#note_40193691

Subscribe to the issue to get the latest updates.

On Friday, September 15, 2017 at 4:05:00 PM UTC-4, Joe Nguyen wrote:
Hi all,

I am using Mayan EDMS through Docker, how can and where I configure and
enable LDAP function on.

Thanks all,

Joe Nguyen



--
Sent from: <a href="http://mayan-edms.1003.x6.nabble.com/" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fmayan-edms.1003.x6.nabble.com%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHUqa-NYoaN-zIxczRAK6z0AWcc9g&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fmayan-edms.1003.x6.nabble.com%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHUqa-NYoaN-zIxczRAK6z0AWcc9g&#39;;return true;">http://mayan-edms.1003.x6.nabble.com/

--

---
You received this message because you are subscribed to the Google Groups "Mayan EDMS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.