Apply suggested changes

This commit is contained in:
publicdesert 2022-06-15 22:48:56 +02:00 committed by nitnelave
parent a67128338d
commit fc7ec97051
2 changed files with 5 additions and 4 deletions

View File

@ -7,10 +7,12 @@ Select `LDAP (via BindDN)`
* Bind DN: `uid=admin,ou=people,dc=example,dc=com` * Bind DN: `uid=admin,ou=people,dc=example,dc=com`
* Bind Password: Your bind user's password * Bind Password: Your bind user's password
* User Search Base: `ou=people,dc=example,dc=com` * User Search Base: `ou=people,dc=example,dc=com`
* User Filter: In this example only members of the group `git_user` can log in. To log in they can either use their email address or user name:<br> * User Filter: If you want all users to be able to log in, use<br>
`(&(objectClass=person)(|(uid=%[1]s)(mail=%[1]s)))`.<br>
To log in they can either use their email address or user name. If you only want members a specific group to be able to log in, in this case the group `git_user`, use<br>
`(&(memberof=cn=git_user,ou=groups,dc=example,dc=com)(|(uid=%[1]s)(mail=%[1]s)))`<br> `(&(memberof=cn=git_user,ou=groups,dc=example,dc=com)(|(uid=%[1]s)(mail=%[1]s)))`<br>
For more info on the user filter, see: https://docs.gitea.io/en-us/authentication/#ldap-via-binddn For more info on the user filter, see: https://docs.gitea.io/en-us/authentication/#ldap-via-binddn
* Admin Filter: Use similar string as above or leave it empty if you don't want LDAP users to be admins. * Admin Filter: Use `(memberof=cn=lldap_admin,ou=groups,dc=example,dc=com)` if you want lldap admins to become Gitea admins. Leave empty otherwise.
* Username Attribute: `uid` * Username Attribute: `uid`
* Email Attribute: `mail` * Email Attribute: `mail`
* Check `Enable User Synchronization` * Check `Enable User Synchronization`

View File

@ -7,12 +7,11 @@ Add the following to your `seafile/conf/ccnet.conf` file:
HOST = ldap://192.168.1.100:3890 HOST = ldap://192.168.1.100:3890
BASE = ou=people,dc=example,dc=com BASE = ou=people,dc=example,dc=com
USER_DN = uid=admin,ou=people,dc=example,dc=com USER_DN = uid=admin,ou=people,dc=example,dc=com
PASSWORD = YOURPASSWORDHERE PASSWORD = CHANGE_ME
LOGIN_ATTR = mail LOGIN_ATTR = mail
``` ```
* Replace `192.168.1.100:3890` with your lldap server's ip/hostname and port. * Replace `192.168.1.100:3890` with your lldap server's ip/hostname and port.
* Replace every instance of `dc=example,dc=com` with your configured domain. * Replace every instance of `dc=example,dc=com` with your configured domain.
* Replace `YOURPASSWORDHERE` with your bind user's password.
__IMPORTANT__: Seafile requires the LOGIN_ATTR to be in an email-like format. You cannot use the uid as LOGIN_ATTR! __IMPORTANT__: Seafile requires the LOGIN_ATTR to be in an email-like format. You cannot use the uid as LOGIN_ATTR!