1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/limesurvey_ynh.git synced 2024-09-03 19:36:32 +02:00
limesurvey_ynh/conf/ldap.php

145 lines
6 KiB
PHP
Raw Normal View History

<?php
/*
* LimeSurvey
* Copyright (C) 2007-2011 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: GNU/GPL License v2 or later, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
*/
/*********** LDAP Parameters and Functions ***********************
*
* - First define your ldap servers and remember the serverId
* - Then define your ldap_query and 'attach' it to the serverId
******************************************************************/
/*********************************************/
/* LDAP servers */
/*********************************************/
$serverId=0;
// Define the server DNS name or IP Address
// If encryption is enabled, make sure the name given here
// corresponds to the certificate's identity
$ldap_server[$serverId]['server'] = "localhost";
// Define the TCP port on which the LDAP server is listenning
// This should be 389 for standard LDAP servers
// or 636 for standard LDAPS connections
$ldap_server[$serverId]['port'] = "389";
// Define the ldap protocol to use
// 'ldapv2' and 'ldapv3' are supported
$ldap_server[$serverId]['protoversion'] = "ldapv3";
// Define the encryption method to use
// 'ldaps' is supported for 'ldapv2' servers
// 'start-tls' is supproted for 'ldapv3' servers
// 'none' is supproted for no encryption at all
// Don't forget to setup your CA's certificate in
// the openldap ldap.conf file
$ldap_server[$serverId]['encrypt'] = "none";
// Define the referral option
// 'false' is recommended for ActiveDirectory servers
$ldap_server[$serverId]['referrals'] = false;
// Define the encoding used by the Ldap directory
// You may omit this parameter (let it commented out)
// as the default value, 'utf-8', should work for most installations.
// However, Active Directory in West Europe may use 'cp850'.
// $ldap_server[$serverId]['encoding'] = 'utf-8';
// Define the authentication used to bind to the directory
// We currently support simple authentication
// If anonymous bind must be performed, comment the following two lines
// Note that Active Directory (AD) usually requires authentication before
// you are authorized to read its content. Remeber as well that user's DN
// in AD are in the form of CN=username,CN=Users,DC=WindowsDomainName,DC=mycompany,DC=org
//
$ldap_server[$serverId]['binddn'] = "uid=mybinduser,dc=yunohost,dc=org";
$ldap_server[$serverId]['bindpw'] = "AsecretPassword";
/********* Copy for more definitions *****
$serverId++;
$ldap_server[$serverId]['server'] = "ldap.mycompany.org";
$ldap_server[$serverId]['port'] = "389";
$ldap_server[$serverId]['protoversion'] = "ldapv3";
$ldap_server[$serverId]['encrypt'] = "start-tls";
$ldap_server[$serverId]['referrals'] = false;
$ldap_server[$serverId]['binddn'] = "uid=mybinduser,dc=mycompany,dc=org";
$ldap_server[$serverId]['bindpw'] = "AsecretPassword";
*****************************************/
/**********************************************************************/
/* Predefined Queries for Token Imports */
/* */
/* This sample query definition is just an fake template: do not */
/* expect it to do something intelligent on your directory */
/* Instead have a look at the online documentation: */
/* - Section Installation, paragraph LDAP_Settings */
/* And for Active Directory tips: */
/* - Section Installation FAQ, paragraph */
/* How_do_I_configure_LDAP_settings_to_work_with_Active_Directory_ */
/**********************************************************************/
$query_id=0;
// First define the serverId on which you want to run the query
$ldap_queries[$query_id]['ldapServerId'] = 0;
// Give a name that will appear on the user interface
$ldap_queries[$query_id]['name'] = 'Users';
// Define the ldap base used for user searches
$ldap_queries[$query_id]['userbase'] = 'ou=users,dc=yunohost,dc=org';
// Define the user filter to apply
// Must begin with '(' and end with ')'
// Note that for AD, checking the 'active' status of a user is done with the following filter:
// "(&(objectCategory=Person)(objectClass=user)(!(userAccountControl=514)))"
$ldap_queries[$query_id]['userfilter'] = '(&(objectClass=inetOrgPerson))';
// Define how deep under the userbase you want to search
// 'sub' means: search on the entire subtree
// 'one' means: only search 1 level under the userbase
// 'base' means: only search the userbase DN entry
$ldap_queries[$query_id]['userscope'] = 'sub';
// Define the user's attribute that provides the firstname
// do not use capital letters in the attribute name
// for instance use 'givenname' and not 'givenName'
$ldap_queries[$query_id]['firstname_attr'] = 'givenName';
// Give the user's attribute that provides the lastname
// do not use capital letters in the attribute name
$ldap_queries[$query_id]['lastname_attr'] = 'sn';
// Give the user's attribute that provides the email address
// do not use capital letters in the attribute name
// If multivalued, only the first entry is read
$ldap_queries[$query_id]['email_attr'] = 'mail';
// Optionnally give the user's attributes that provides the
// token, language, attr1 and attr2 piece of information
// do not use capital letters in the attribute name
// if unused, leave empty or comment the lines
$ldap_queries[$query_id]['token_attr'] = ''; // Leave empty for Auto Token generation bu phpsv
$ldap_queries[$query_id]['language'] = '';
$ldap_queries[$query_id]['attr1'] = '';
$ldap_queries[$query_id]['attr2'] = '';
//DO NOT CHANGE BELOW HERE --------------------
return array('ldap_server' => $ldap_server, 'ldap_queries' => $ldap_queries);
?>