author | Christina Fu <cfu@redhat.com> | 2015-08-05 16:21:51 -0700 |
---|---|---|
committer | Christina Fu <cfu@redhat.com> | 2015-08-07 11:08:19 -0700 |
commit | c13593770108b6d683ab3d3b43b92d67ac64a1ef (patch) | |
tree | da650b5ee643edd5dc7381f20da4623b2a349adf /base/server/upgrade | |
parent | bcdbc1e2edd66c3506544f0c53f9db3c4fe375b0 (diff) | |
Ticket 1531 Directory auth plugin requires LDAP anonymous binds
This patch adds a feature to allow a directory based authentication plugin
to use bound ldap connection instead of anonymous.
Two files need to be edited
1. <instance>/conf/password.conf
   add a "tag" and the password of the binding user dn to the file
     e.g. externalLDAP=password123
2. <instance>/ca/CS.cfg
   add the tag to cms.passwordlist:
     e.g. cms.passwordlist=internaldb,replicationdb,externalLDAP
   add the authPrefix of the auths entry for the authentication instance
     e.g. externalLDAP.authPrefix=auths.instance.UserDirEnrollment
   add relevant entries to the authentication instance
     e.g. auths.instance.UserDirEnrollment.ldap.ldapBoundConn=true
          auths.instance.UserDirEnrollment.ldap.ldapauth.authtype=BasicAuth
          auths.instance.UserDirEnrollment.ldap.ldapauth.bindDN=uid=rhcs,ou=serviceaccounts,dc=EXAMPLE,dc=com
          auths.instance.UserDirEnrollment.ldap.ldapauth.bindPWPrompt=externalLDAP
Diffstat (limited to 'base/server/upgrade')
0 files changed, 0 insertions, 0 deletions
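
The two-file edit described in the commit message can be cross-checked before restarting the instance. The following is an added example, not code from the commit or from the PKI project: `parse_props` and `check_bound_conn` are hypothetical helpers, the key=value parsing is a simplification, and the sample files are constructed from the keys the commit message lists.

```python
def parse_props(text):
    """Parse key=value lines, splitting on the first '=' (bindDN values contain '=')."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def check_bound_conn(cs_cfg, password_conf, tag):
    """Return a list of problems in the bound-connection settings for `tag`."""
    cfg, pw = parse_props(cs_cfg), parse_props(password_conf)
    problems = []
    if not pw.get(tag):
        problems.append(f"password.conf: no password for tag {tag}")
    if tag not in [t.strip() for t in cfg.get("cms.passwordlist", "").split(",")]:
        problems.append(f"CS.cfg: {tag} missing from cms.passwordlist")
    prefix = cfg.get(f"{tag}.authPrefix")
    if not prefix:
        return problems + [f"CS.cfg: {tag}.authPrefix not set"]
    ldap = f"{prefix}.ldap"
    if cfg.get(f"{ldap}.ldapBoundConn", "").lower() != "true":
        problems.append(f"CS.cfg: {ldap}.ldapBoundConn is not true")
    if cfg.get(f"{ldap}.ldapauth.authtype") != "BasicAuth":
        problems.append(f"CS.cfg: {ldap}.ldapauth.authtype is not BasicAuth")
    if not cfg.get(f"{ldap}.ldapauth.bindDN"):
        problems.append(f"CS.cfg: {ldap}.ldapauth.bindDN not set")
    # Assumption taken from the commit message's example: bindPWPrompt names the tag.
    if cfg.get(f"{ldap}.ldapauth.bindPWPrompt") != tag:
        problems.append(f"CS.cfg: {ldap}.ldapauth.bindPWPrompt does not name {tag}")
    return problems


# Constructed sample files; the password values are placeholders.
SAMPLE_PASSWORD_CONF = "internaldb=placeholder-1\nexternalLDAP=placeholder-2\n"
SAMPLE_CS_CFG = """\
cms.passwordlist=internaldb,replicationdb,externalLDAP
externalLDAP.authPrefix=auths.instance.UserDirEnrollment
auths.instance.UserDirEnrollment.ldap.ldapBoundConn=true
auths.instance.UserDirEnrollment.ldap.ldapauth.authtype=BasicAuth
auths.instance.UserDirEnrollment.ldap.ldapauth.bindDN=uid=rhcs,ou=serviceaccounts,dc=EXAMPLE,dc=com
auths.instance.UserDirEnrollment.ldap.ldapauth.bindPWPrompt=externalLDAP
"""

if __name__ == "__main__":
    for problem in check_bound_conn(SAMPLE_CS_CFG, SAMPLE_PASSWORD_CONF, "externalLDAP"):
        print(problem)
```

An empty result means the tag, the password list, the authPrefix and the `ldapauth` entries all agree with each other.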